Impersonate a client after authentication (Windows)

Module: Account Integrity

Supported Platforms: Windows 2000, Windows 2003, Windows 2008

This check reports accounts with rights to impersonate other accounts. You can use the name list to exclude or include users or security groups that are not already excluded or included by the Users to check option.

The following table lists the error message for the check.

Table: Error message for Impersonate a client after authentication

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: ESM_IMPERSONATE_NAME Category: Policy Compliance	Windows 2000 (105960) Windows 2003 (205963) Windows 2008 (248963)	Title: Impersonate a client for authentication Description:The user or security group has the right to impersonate other accounts.	Severity: yellow-1 Correctable: true Snapshot Updatable: false Template Updatable: false Information Field Format: [Full name: %s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: ESM_IMPERSONATE_NAME

Category: Policy Compliance

Windows 2000 (105960)
Windows 2003 (205963)
Windows 2008 (248963)

Title: Impersonate a client for authentication

Description:The user or security group has the right to impersonate other accounts.

Severity: yellow-1

Correctable: true

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [Full name: %s]