Re: Remove GP from machine that has been removed from AD
From: Glenn L (the.only(delete)_at_gmail)
Date: 02/10/05
- Next message: Steven L Umbach: "Re: Add a group to local admins"
- Previous message: Mark Heitbrink [MVP]: "Re: Add a group to local admins"
- In reply to: Justin : "Remove GP from machine that has been removed from AD"
- Next in thread: Justin : "Re: Remove GP from machine that has been removed from AD"
- Reply: Justin : "Re: Remove GP from machine that has been removed from AD"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 9 Feb 2005 23:52:02 -0800
hmmm
first time I have seen this one.
Turn up winlogon logging
Location of the log file - %windir%\security\logs
Registry Location -
HKLM\Software\Microsoft\WindowsNT\CurrentVersion\WinLogon\GPExtensions\
{827D319E-6EAC-11D2-A4EA-00C04F79F83A
Registry Setting - Add the REG_DWORD value "ExtensionDebugLevel"
and set it to 0x2
Execute a gpupdate /force, verify you get the 1202 event, and post the log
file to this thread.
-- Glenn L CCNA, MCSE 2000/2003 + Security "Justin" <noemail@please.com> wrote in message news:4snl01hbbr02vm8kiu0c9bfbin5jrhl8ks@4ax.com... >I placed my home PC on the domain a while back to do some development > work with .Net and 2003 Active Directory. My machine took the normal > Group Policy. I've since removed my machine from AD, and now I get > the following fatal errors: > > 1)[Warning] Source: SceCli > Security policies were propagated with warning. 0x428 : An exception > occurred in the service when handling the control request. > > For best results in resolving this event, log on with a > non-administrative account and search http://support.microsoft.com for > "Troubleshooting Event 1202's". > > For more information, see Help and Support Center at > http://go.microsoft.com/fwlink/events.asp. > > 2)[Error] Source: Userenv > The Group Policy client-side extension Security failed to execute. > Please look for any errors reported earlier by that extension. > > For more information, see Help and Support Center at > http://go.microsoft.com/fwlink/events.asp. > > Since my machine is no longer part of any domain, is there a way to > ditch ALL Group Policy? I know theres a hot fix for this, but I > prefer not to alpha test microsoft patches.... > > Thanks, > > Justin
- Next message: Steven L Umbach: "Re: Add a group to local admins"
- Previous message: Mark Heitbrink [MVP]: "Re: Add a group to local admins"
- In reply to: Justin : "Remove GP from machine that has been removed from AD"
- Next in thread: Justin : "Re: Remove GP from machine that has been removed from AD"
- Reply: Justin : "Re: Remove GP from machine that has been removed from AD"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
