Win2003 system: event ID analysis and release of memory operations

Many users will say that the win2003 system has been used for many years, and any operation on the win2003 system is already very familiar. Is it really familiar? Is it really understandable? Then you will be familiar with the memory release and ID event analysis introduced below?

Windows server 2003 safe release memory

I often see friends complaining about the need to free up memory in the forum. In fact, if you install Windows 2003, you don't need to seek third-party memory management software that needs to be registered for long-term use.

Because Windows 2003 comes with a small program called Empty.exe, it can be used to release some of the resources that some applications can't release in time when they use a lot of memory.

Unlike those third-party software memory management software, Empty.exe does not force the system to release all resources, but only releases the necessary resources, so that it does not burden the hard disk.

The use of Empty.exe is quite simple, the command format is as follows:

Empty.exe pid (pid refers to the product id of the process)

or Empty.exe task-name (task-name refers to the name of the process)

Finally, it should be noted that Empty.exe can only be used in Windows Server 2003, and Windows 2000/XP is not used.

Windows Server 2003 Security Event ID Analysis

Based on the ID below, it helps us quickly identify security events generated by the Microsoft® Windows Server 2003 operating system, which means what happened.

I. Account Login Event

The following shows the security events generated by the “Auditing Account Login Event&Security; security template settings.

672: The authentication service (AS) ticket has been successfully issued and verified.

673: The Authorized Ticket Service (TGS) ticket is authorized. TGS is a ticket issued by the Kerberos v5 Ticket Authorization Service (TGS) that allows users to authenticate specific services in the domain.

674: The security principal has updated the AS ticket or TGS ticket.

675: Pre-authentication failed. The Key Distribution Center (KDC) generates this event when the user types the wrong password.

676: The authentication ticket request failed. This event is not generated in members of the Windows XP Professional or Windows Server family.

677: The TGS ticket is not authorized. This event is not generated in members of the Windows XP Professional or Windows Server family.

678: The account has been successfully mapped to a domain account.

681: Login failed. Try a domain account login. This event is not generated in members of the Windows XP Professional or Windows Server family.

682: The user has reconnected to a disconnected terminal server session.

683: The user disconnects the terminal server session without logging out. Previous12Next page Total 2 pages