Ko je restartovao WIN 2003/2008 server?

velda May 18, 2018

Ili, gde gledati u logovima, i šta tačno tražiti da bi se našla informacija o tome ko je, i kada resetovao server.

1. Gde gledati : “Event Viewer”, pod “System” event log
2. System event log filterovati po : “Event ID” 1074, i “Source” : user32. Time će se videti ko (ili šta) je resetovao server.

U logu će pisati ovako nešto :
“The process C:\Windows\system32\winlogon.exe (PSWAPPSRV) has initiated the restart of computer TESTNISERVER on behalf of user MOJDOMEN\mojnalog for the following reason: No title for this reason could be found
Reason Code: 0x500ff
Shutdown Type: restart
Comment: “

Ima i drugi metod, pogledati direktno u Shutdown log na lokaciji : C:\WINDOWS\system32\LogFiles\Shutdown

Dobri linkovi : link1, link2

More Stories

Excel brojanje jedinstvenih ćelija

velda May 13, 2024

Access

velda September 11, 2023

VBA u Excel-u

velda September 8, 2023

You may have missed

Excel brojanje jedinstvenih ćelija

velda May 13, 2024

Uskršnja heklana jaja, deo 2

velda May 9, 2024

Heklana uskršnja jaja :-)

velda April 26, 2024

Heklani držač za tegle

velda February 19, 2024

Heklana balaklava za hladno vreme

velda February 19, 2024