Log on as administrator or have someone who knows the administrator
password and check to see if the CrashOnAuditFail value is set to anything
but 0. If so do the following.
Part 1: Disable the Security Policy
-----------------------------------
Disable the following Group Policy setting on either the default
domain or the domain controller organizational unit:
Computer Configuration\Windows Settings\Security Settings\Local
Policies\Security Options\Shut down your system immediately if unable
to log security audits
You can find this policy on the default domain policy, default
domain controller policy, and local security policy.
Note After you disable the security policy, you must also remove the
security policy registry key.
Edit the CrashOnAuditFail Registry Key
----------------------------------------------
1. Click "Start", and then click "Run".
2. In the "Open" box, type "regedt32.exe" (without the quotation
marks), and then click "OK".
3. Click the following registry key:
HKEY_LOCAL_MACHINE\CurrentControlSet\Control\Lsa\CrashOnAuditFail
4. In the right pane, double-click CrashOnAuditFail.
5. In the "Value data" box, type "0" (without the quotation marks)
(zero), and then click "OK".
6. Click "Start", and then click "Run".
7. In the "Open" box, type "secedit /refreshpolicy machine_policy
/enforce" (without the quotation marks), and then click "OK" to apply
the new security setting.
8. Restart your server.
