Failed Group Policy Container Access (Change Auditor Protection)

Change Auditor for Active Directory 7.1.1

I recently implemented Protection on several GPOs. I only allow Domain Admins and Group Policy Creator Owners excluded from Protection.

When I run the query 'All Group policy Events', I have hundreds of entries Failed Group Policy Container Access (Change Auditor Protection) from my PDC.

It states:

What: Access to Group Policy Default Domain Policy was denied by Change Auditor Protection on <Domain>\PDC.

Action:  Modify Attribute

I tried adding the PDC computer account to the Exclusion from Protection, but it did not help.

I have 2 questions:

  1. Why does the PDC computer role try to constantly acces my Protected GPOs?
  2. Is there a way to correct this?
  3. What is it trying to modify???

Any help would greatly be appreciated.

If I run a report on all GPOs changes, this fills up the report with nonsense.

Dave