Hi all, I need your kind help for sorting this issue. Issue: I have configured event-566/Security in MOM and it is triggering the alert as expected but the object name is not in a readable format and it is substituting GUID by default. IS it due to permission issue on security logs or even i configured different email format in MOM rule but i get the same. Kindly help me fixing the issue. Severity: Critical Error Status: New Source: Security Name: Directory Service Access Description: Object Operation: Object Server: DS Operation Type: Object Access Object Type: %{bf967aba-0de6-11d0-a285-00aa003049e2} Object Name: %{33261aac-de9a-4f57-ba7e-4bd9c86def97} The above object name should be Object Type: user Object Name: CN=Aqeel Khalil Al Zarouni,OU=Staff Accounts,OU=Users,OU=du-Corp,DC=corp,DC=du,DC=ae Regards, Pratap

MOM? Really? MOM? I think you are getting what you can get. The formatting of this data is not pre-made in the events in the security log. Processing each one requires an AD lookup for each GUID involved. You could _try_ granting elevated read permissions to your AD to see if these improve magically - but you may be at your limit.Microsoft Corporation

Hi, To explain why GUID always appears in your results , Please visit this link: http://blogs.msdn.com/b/ericfitz/archive/2007/05/03/enumerating-control-access-rights-and-other-ad-stuff.aspx and to resolve this problem , the following link my help you: http://social.technet.microsoft.com/Forums/en/ITCG/thread/728c6aed-a3ef-4b6f-b5bc-28024251d5eb Oussama Oueslati | System Engineer | vNext Consulting

This has been sorted out in SCOM. Thanks for all ur supportRegards, Pratap