Event ID 4661: A handle to an object was requested.
|Description||The event is generated when a SAM object is opened.|
The event logs the following information:
|Access request information||
When the object is closed you get event ID 4658 with the same handle ID.
Corresponding event in 2003 and earlier versions: Event 565
ADAudit Plus helps in tracking deletion of directory service objects, besides security principals, such as OU, GPO, container, contact, DNS node, etc.
Event 4661 applies to the following operating systems:
- Windows Server 2008 R2 and 7
- Windows Server 2012 R2 and 8.1
- Windows Server 2016 and 10
Explore Active Directory auditing and reporting with ADAudit Plus.
- Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- EventLog Analyzer Real-time Log Analysis & Reporting
- ADSelfService Plus Self-Service Password Management
- AD360 Integrated Identity & Access Management
- Log360 Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools