An account was mapped for logon
On this page
I have not actually seen this event logged by Windows but suspect that if it is logged at all it would be in conjunction with IIS's certificate mapping capability where users are authenticated via a client certificate which is then mapped to a Windows user account according to mapping rules defined in IIS.
I haven't been able to produce this event. Have you? If so, please start a discussion (see above) and post a sample along with any comments you may have! Don't forget to sanitize any private information.
Free Security Log Quick Reference Chart
Top 10 Windows Security Events to Monitor
An account was mapped for logon.
Authentication Package: %1
Account UPN: %2
Mapped Name: %3
Keep me up-to-date on the Windows Security Log.
*We will NOT share this
Go To Event ID: