Lithnet Access Manager
PricingRequest a trial or quoteDownloads
v2.0
v2.0
  • Home
  • What's new in Access Manager v2
  • How does Lithnet Access Manager help prevent lateral movement?
  • Access Manager Editions
  • Licensing
  • Change log
  • Installation
    • Getting started
    • System Requirements
    • Downloads
    • Upgrading from Access Manager v1
    • Installing the Access Manager Server
      • Creating a service account for the Access Manager Service
      • SQL installation options
      • Installing the Access Manager Service
      • High availability options
        • Load balancing Access Manager
        • Installing Access Manager in a Failover Cluster
    • Installing the Access Manager Agent
      • Choosing between the Microsoft and Lithnet agents for LAPS support
      • Installing the Access Manager Agent on Windows
      • Installing the Access Manager Agent on Linux
      • Installing the Access Manager Agent on macOS
  • Configuration
    • Setting up Authentication
      • Setting up authentication with ADFS
      • Setting up authentication with Azure AD
      • Setting up authentication with Okta
      • Setting up smart card authentication
      • Setting up integrated windows authentication
    • Deploying Features
      • Setting up Microsoft LAPS for Active Directory
      • Setting up Microsoft LAPS for Azure Active Directory
      • Setting up Lithnet LAPS
        • Preparing the AMS directory
        • Setting the AMS directory for Lithnet LAPS clients
        • Setting up Lithnet LAPS for Azure AD joined and registered devices
        • Setting up Lithnet LAPS for domain-joined devices
        • Setting up Lithnet LAPS for macOS and Linux
        • Setting up Lithnet LAPS for standalone Windows devices
      • Setting up BitLocker access
      • Setting up JIT for computers
      • Setting up JIT for roles
    • Importing authorization rules
      • Import Microsoft LAPS permissions from Active Directory
      • Importing BitLocker permissions from Active Directory
      • Importing local administrator group membership from domain-joined Windows devices
      • Import mappings from a CSV file
      • Importing rules from the Lithnet LAPS web app
      • Performing an offline discovery of local admins
  • Help and support
    • Frequently asked Questions
    • Troubleshooting
    • Quick start guides
      • Getting started with Windows LAPS and Lithnet Access Manager
      • Getting started with Windows LAPS for Active Directory
      • Getting started with Windows LAPS for Azure Active Directory
    • Support Articles
      • KB000001: The Access Manager Agent cannot connect and logs a token-validation-failed error
      • KB000002: Users retain their admin rights after their JIT period expires
      • KB000003: Configuring the Access Manager Agent to manage an account other than 'root' on Linux
      • KB000004: Creating a log file to troubleshoot installation issues with the Access Manager Service
      • KB000005: Access Manager stops working after applying the November 2022 Windows update
      • KB000006: Migrating the Access Manager Database
      • KB000007: Adding JIT groups via Group Policy doesn't work with NTLM Disabled
      • KB000008: AMS is unable to JIT into privileged groups such as Domain Admins
    • Advanced help topics
      • Ports and traffic flows
      • Internet access requirements
      • Access evaluation in Access Manager Service (AMS)
      • Recovering from a lost encryption certificate
      • Script-based authorization
      • Customized auditing with PowerShell notification channels
      • Variables available in audit notification channels
      • Setting up audit templates
      • Backup and Restore
      • Event ID reference
    • PowerShell reference
      • Add-AmsDeviceRegistrationKeyGroup
      • Add-AmsGroupMember
      • Export-AmsServerDiagnostics
      • Get-AmsActiveDirectoryJitOptions
      • Get-AmsComputerAuthorizationRule
      • Get-AmsDevice
      • Get-AmsDeviceRegistrationKey
      • Get-AmsGroup
      • Get-AmsGroupMembers
      • Get-AmsHostConfig
      • Get-AmsJitSchedulerJob
      • Get-AmsLocalAdminPassword
      • Get-AmsLocalAdminPasswordHistory
      • Get-AmsRoleAuthorizationRule
      • New-AmsComputerAuthorizationRule
      • New-AmsDeviceRegistrationKey
      • New-AmsGroup
      • New-AmsRoleAuthorizationRule
      • Remove-AmsComputerAuthorizationRule
      • Remove-AmsDevice
      • Remove-AmsDeviceRegistrationKey
      • Remove-AmsDeviceRegistrationKeyGroup
      • Remove-AmsGroup
      • Remove-AmsGroupMember
      • Remove-AmsJitSchedulerJob
      • Remove-AmsRoleAuthorizationRule
      • Set-AmsActiveDirectoryJitOptions
      • Set-AmsComputerAuthorizationRule
      • Set-AmsDevice
      • Set-AmsDeviceRegistrationKey
      • Set-AmsGroup
      • Set-AmsHostConfig
      • Set-AmsRoleAuthorizationRule
    • Application help pages
      • Access Manager Directory configuration page
      • Access Manager Directory Devices page
      • Access Manager Directory Groups page
      • Lithnet LAPS configuration page (Access Manager Directory)
      • Access Manager Directory Registration Keys page
      • Lithnet LAPS configuration page (Active Directory)
      • Microsoft LAPS configuration page
      • Active Directory configuration page
      • Auditing page
      • Authentication configuration page
      • Computer authorization rules page
      • Role authorization rules page
      • Azure Active Directory configuration page
      • BitLocker configuration page
      • Database configuration page
      • Effective access page
      • Email configuration page
      • IP Address detection configuration page
      • Just-in-time access configuration page
      • Licensing configuration page
      • Rate limit configuration page
      • Host configuration page
      • User interface configuration page
      • Security page
    • Getting Support
Powered by GitBook
On this page
  • Access Manager Server
  • Agent

Was this helpful?

  1. Help and support
  2. Advanced help topics

Event ID reference

Access Manager Server

Event ID
Severity
Description

2000

Informational

A user has requested access to a computer

2001

Informational

A user has been added to a local SAM group

2002

Informational

A user has been removed from a local SAM group

2003

Informational

The JIT worker service has created a new group

2004

Informational

The JIT worker service has deleted a group

2005

Informational

The JIT worker service has created a new dynamic group

2006

Informational

The JIT worker service has deleted a dynamic group

2007

Informational

JIT access has been granted to a user via PAM

2008

Informational

JIT access has been revoked from a user via PAM

2009

Informational

A user has requested access to a role

2010

Informational

JIT access has been granted to a user via the scheduler

2011

Informational

JIT access has been revoked from a user via the scheduler

2012

Informational

The JIT scheduler determined that the user no longer exists

2013

Informational

The JIT scheduler determined that the group no longer exists

2101

Informational

A computer authorization rule has been added

2102

Informational

A computer authorization rule has been deleted

2103

Informational

A computer authorization rule has been modified

2104

Informational

A role authorization rule has been added

2105

Informational

A role authorization rule has been deleted

2106

Informational

A role authorization rule has been modified

2200

Informational

The database does not exist

2201

Informational

The database has been created

2202

Informational

Database upgrade is required

2203

Informational

The database is being deleted

2204

Informational

The database has been deleted

2205

Informational

Database upgrade check is in progress

2206

Informational

Database upgrade has been completed

2207

Informational

Database upgrade is not required

2300

Informational

The master key has been exported

3000

Audit Success

A user has been authenticated

3001

Audit Success

Access to the computer's current local admin password has been granted

3002

Audit Success

Access to the computer's password history has been granted

3003

Audit Success

JIT access to a computer has been granted

3004

Audit Success

BitLocker access to a computer has been granted

3005

Audit Success

JIT access to a role has been granted

4000

Errors

SSO identity not found

4001

Errors

Computer not found in directory

4002

Errors

LAPS password not present

4003

Errors

Computer name is ambiguous

4004

Errors

A user request reason was required but it was not provided

4006

Errors

User certificate identity not found

4008

Errors

User certificate validation error

4009

Errors

Identity discovery error

4010

Errors

Computer discovery error

4011

Errors

No LAPS password history is available

4012

Errors

Authorization failed because there were no rules that matched for the specific user

4013

Errors

Authorization failed because there were no rules that matched for the requested computer

4014

Errors

Authorization failed

4015

Errors

Authorization was explicitly denied

4016

Errors

Authorization failed because a mandatory audit event failed to be delivered

4017

Errors

The IP-based rate limit was exceeded

4018

Errors

The user-based rate limit was exceeded

4019

Errors

BitLocker keys were not present for the specified computer

4020

Errors

Authorization failed because the rate limit was exceeded

4021

Errors

The search request returned too many results

5001

Errors

Failed to add a user to a local SAM group

5002

Errors

Failed to remove a user from a local SAM group

5003

Errors

Invalid certificate - invalid or unsupported URI scheme

5004

Errors

Unexpected error

5005

Errors

Error loading template resource

5006

Errors

Notification channel delivery error

5007

Errors

Unhandled error in background task

5008

Errors

Error processing an authorization rule

5009

Errors

JIT rollback is in progress

5010

Errors

JIT rollback failed

5011

Errors

JIT error

5012

Errors

An error occured in the pre-authorization process

5013

Errors

LAPS password history error

5014

Errors

LAPS password error

5015

Errors

Authorization error

5016

Errors

Application is not configured

5017

Errors

Certificate trust chain parsing issue

5018

Errors

Error looking up target directory

5019

Errors

Error creating authorization context

5020

Errors

Authorization context fallback

5021

Errors

Authorization context server cannot connect

5022

Errors

Invalid response from PowerShell security descriptor generator

5023

Errors

DN parse error

5024

Errors

Unexpected error in JIT worker

5025

Errors

Failed to create JIT worker group

5026

Errors

Failed to delete JIT worker group

5027

Errors

JIT worker USN fallback

5028

Errors

JIT dynamic group has invalid domain

5029

Errors

External authentication provider error

5030

Errors

Error processing authentication provider response

5031

Errors

Error looking up authentication directory

5032

Errors

Access denied by external authentication provider

5033

Errors

Certificate authentication access denied

5034

Errors

Certificate authentication error

5035

Errors

BitLocker key access error

5036

Errors

Error reading resource

5037

Errors

Error importing certificate

5038

Errors

Error exporting certificate

5039

Errors

The certificate could not be synchronized because the private key was not exportable

5040

Errors

Database upgrade error

5041

Errors

Database upgrade warning

5042

Errors

Database upgrade info

5048

Errors

Failed to check for new version

5049

Errors

Failed to check certificate expiry

5050

Errors

API is not enabled

5051

Errors

Database backup job failed

5052

Errors

Database initialization failed

5053

Errors

The scheduler failed to remove JIT membership

5054

Errors

The scheduler abandoned the membership removal job

5055

Errors

Password retrieval restricted by license

5056

Errors

Database maintenance job failed

5057

Errors

JIT worker job failed

5058

Errors

Certificate authentication failed because no certificate was presented

Agent

Event ID
Description

1000

The agent has started

1001

The agent has been disabled

1002

The LAPS agent is currently disabled

1020

The LAPS agent has been enabled

1004

The LAPS agent cannot run because it is running on a domain controller

1006

An unexpected exception occurred in the LAPS process

1007

An unexpected exception occurred in the agent

1008

The LAPS agent is not configured

1009

There was a conflict between the Access Manager Agent and the Windows LAPS agent. Only one may be active at any one time

1010

The password has expired

1011

Password has been set on the LAPS attribute

1012

Password has been set on the Access Manager attribute

1013

Password has been changed

1014

Failure in password expiry check

1015

Failure in password change

1017

LAPS conflict has been resolved

1018

No password change required

1019

UWF (Unified Write Filter) has been enabled

2001

Error in server connection

2002

Server credentials are not recognized

2003

No server is configured

2004

AADR (Azure Active Directory Registration) registration is not allowed

2005

AMS registration has been rejected

2006

AMS registration information is missing

2007

AD certificate private key is not available

2008

Impersonation failure

2009

AMS registration failed due to an invalid registration key

2010

Failed to enable the account

2011

Failed to reset the agent

2012

Server certificate has expired

2013

Server certificate hostname mismatch

2014

Server certificate validation failed

3001

Registration is not ready

3002

No suitable AAD (Azure Active Directory) tenant found

4001

AMS registration is pending

4002

AMS registration has been approved

4003

AMS registration is starting

4004

Secondary credentials have been registered

4005

Agent reset has been completed

PreviousBackup and RestoreNextPowerShell reference

Last updated 10 months ago

Was this helpful?