Event ID: 1202

---

• From: penny <penny@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Mon, 17 Sep 2007 20:54:00 -0700

---

Hi MVP Sir,

I got the event id 1202 in my event viewer in Windows 2000 AD Server. then I
followed the 1202 event code instruction to solve the problem. the step:

open %windir%\Security\Logs\Winlogon.log, then show this follow error message.
Error 0 to send control flag 1 over to server.
GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )

[Mapping] gpt00000.dom = Default Domain Policy
-------------------------------------------
----Un-initialize configuration engine...

[Mapping] gpt00001.inf = Default Domain Controllers Policy
-------------------------------------------
09/14/2007 06:04:21

----Un-initialize configuration engine...
-------------------------------------------
09/14/2007 06:04:21
----Configuration engine is initialized successfully.----

----Reading Configuration template info...

----Configure User Rights...
Configure S-1-5-32-544.
Configure S-1-5-32-551.
Configure S-1-5-21-531969533-277817386-569397357-500.
Configure S-1-5-21-531969533-277817386-569397357-6435.
Configure S-1-5-21-531969533-277817386-569397357-3205.
Configure S-1-5-21-531969533-277817386-569397357-6434.
Configure S-1-5-21-531969533-277817386-569397357-3206.
Configure Power Users.
Error 1332: No mapping between account names and security IDs was done.
Cannot find Power Users.
Configure S-1-5-32-545.
Configure S-1-1-0.
Configure S-1-5-6.
Configure S-1-5-21-531969533-277817386-569397357-3204.
Configure S-1-5-11.

User Rights configuration completed with error.



2. I go to group policy>computer configuation>security settings>Local
Polices>User Rights Assignment, then deleted these unmatch account.

3. But the Event ID also shows in the event viewer.

4. Then I check the gpt00001.inf file. I found out some unmatch SID in the
file.

SeBackupPrivilege = Backup Operators,Administrators
SeBatchLogonRight =
*S-1-5-21-531969533-277817386-569397357-500,*S-1-5-21-531969533-277817386-569397357-6435,*S-1-5-21-531969533-277817386-569397357-3205,*S-1-5-21-531969533-277817386-569397357-6434,*S-1-5-21-531969533-277817386-569397357-3206,Backup
Operators
SeCreatePagefilePrivilege = Administrators
SeIncreaseBasePriorityPrivilege = Administrators
SeIncreaseQuotaPrivilege = Administrators
SeInteractiveLogonRight = Backup
Operators,*S-1-5-21-531969533-277817386-569397357-3204,*S-1-5-21-531969533-277817386-569397357-3205,*S-1-5-21-531969533-277817386-569397357-6435,Administrators
SeLoadDriverPrivilege = Administrators
SeNetworkLogonRight =
Administrators,*S-1-5-21-531969533-277817386-569397357-6435,*S-1-5-21-531969533-277817386-569397357-3205,*S-1-5-21-531969533-277817386-569397357-6434,*S-1-5-21-531969533-277817386-569397357-3206,*S-1-5-11,Backup Operators
SeProfileSingleProcessPrivilege = Administrators
SeRemoteShutdownPrivilege = Administrators
SeRestorePrivilege = Backup Operators,Administrators
SeSecurityPrivilege = Administrators
SeServiceLogonRight = Backup Operators
SeShutdownPrivilege = Backup Operators,Administrators
SeSystemEnvironmentPrivilege = Administrators
SeSystemProfilePrivilege = Administrators
SeSystemTimePrivilege = Administrators
SeTakeOwnershipPrivilege = Administrators
SeTcbPrivilege = Backup Operators
SeEnableDelegationPrivilege = Administrators
SeMachineAccountPrivilege =
*S-1-5-21-531969533-277817386-569397357-500,*S-1-5-11
SeUndockPrivilege = Administrators


I want to try to delete these unmatch SID. But I worried affect the AD
performance or can not run AD in my office. That I do not delete these.

Question:

How can I solve this problem.

Why the winlogon file will show the "Cannot find Power Users"? . Because I
never config security permission to Power Users.

I had two DC in my office. If I delete unmatch SID, Does two DC Server need
to be deleted simultaneity?



Thank for your help appreciatively.

.

---

• Follow-Ups:
  • Re: Event ID: 1202
    • From: Meinolf Weber

• Prev by Date: Re: Kerberos KDC not starting. Eventid 7023; Error 31
• Next by Date: Re: Event ID: 1202
• Previous by thread: Re: Kerberos KDC not starting. Eventid 7023; Error 31
• Next by thread: Re: Event ID: 1202
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Event ID: 1202 ... Cannot find Power Users. ... SeEnableDelegationPrivilege = Administrators ... SeSystemEnvironmentPrivilege = Administrators ... SeRestorePrivilege = Backup ... (microsoft.public.win2000.active_directory) Re: Event ID: 1202 ... I could not find Power Users in these policy files. ... SeEnableDelegationPrivilege = Administrators ... SeRestorePrivilege = Backup ... (microsoft.public.win2000.active_directory) RE: Internet Explorer Application Failure ... Outside of that, do a backup, clean install, and stop letting users work as ... > It happens to all users and all users are administrators. ... >> Sysinternals.com) to determine which files or registry keys IE is trying to ... >> Microsoft MVP - Terminal Server ... (microsoft.public.win2000.termserv.apps) Re: NTBackup for non-Administrator users ... the Backup Operator doesn't work. ... the software wouldn't find the attached USB Tape device. ... allow Administrators rights to the device & port. ... (microsoft.public.win2000.applications) RE: Internet Explorer Application Failure ... I understand that giving everyone administrative rights is a very bad idea ... but unfortnaletly it was the only way the cutomers custom applications would ... > Outside of that, do a backup, clean install, and stop letting users work as ... >> It happens to all users and all users are administrators. ... (microsoft.public.win2000.termserv.apps)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Win2000  > microsoft.public.win2000.active_directory  > 2007-09