Details
Product:Windows Operating System
Event ID:552
Source:Security
Version:5.0
Symbolic Name:SE_AUDITID_LOGON_USING_EXPLICIT_CREDENTIALS
Message:Logon attempt using explicit credentials:
Logged on user:
User Name: %1
Domain: %2
Logon ID: %3
Logon GUID: %4
User whose credentials were used:
Target User Name: %5
Target Domain: %6
Target Logon GUID: %7

Target Server Name: %8
Target Server Info: %9
Caller Process ID: %10
Source Network Address: %11
Source Port: %12
   
Explanation

A user who is logged on tried to create another logon session with a different user's credentials. Typically, this occurs when the user runs the RUNAS command and specifies a different set of credentials.

  • The Logged on user fields specify the user's original credentials.
  • The Target User fields specify the credentials that the user supplied for the new logon session.
  • The Caller Process ID field specifies the process that made the logon request with the new credentials.
  • The Source Network Address and Source Port fields specify the source IP address and source port number for the remote computer that sent the logon request, if applicable.

   
User Action

No user action is required.


Currently there are no Microsoft Knowledge Base articles available for this specific error or event message. For information about other support options you can use to find answers online, see http://support.microsoft.com/default.aspx.