Security event log entry

[gary () aspectcapital com]

Hi All, 

I monitor the security event logs of machines for logon/logoff events for local accounts. 'ladm-'  However I have 
noticed that recently machines are not reporting these events, at the frequency i expect. I have noticed that machines 
are now logging the event 

SuccessAudit 16/01/2007 16:29:53 Security Object Access 560 ASPECTPC99\ladm-mbutton 
Object Open: Object Server: Security Account Manager Object Type: SAM_ALIAS Object Name: 
DOMAINS\Builtin\Aliases\0000022B Handle ID: 1090992 Operation ID: {0,639099906} Process ID: 788 Image File Name: 
C:\WINDOWS\system32\lsass.exe Primary User Name: ASPECTPC99$ Primary Domain: ASPECT Primary Logon ID: (0x0,0x3E7) 
Client User Name: ladm-mbutton Client Domain: ASPECTPC99 Client Logon ID: (0x0,0x2617DC5B) Accesses: AddMember 
RemoveMember ListMembers ReadInformation Privileges: - Restricted Sid Count: 0 

Does anyone know if the access of lsass.exe is related to the logon or use of the local 'ladm' account?

Thanks in advance,