GPO Security settings not applied (SceCli error 1202 0x4b8)
- From: trhacker <trhacker@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 23 Aug 2007 10:54:03 -0700
After applying group policies, some computers are experiencing problems in
receiving policies, while others are working perfectly. Actually, there's an
error in applying security settings.
The Event Viewer Application Log on the affected computers, shows the
following entries (errors SceCli 1202 and Userenv 1085)
------------------------------------------------------------
Event Type: Warning
Event Source: SceCli
Event Category: None
Event ID: 1202
Date: 2/17/2005
Time: 6:48:44 AM
User: N/A
Computer: TEC-CSTARNES
Description:
Security policies were propagated with warning. 0xd : The data is invalid.
For best results in resolving this event, log on with a
non-administrative account and search http://support.microsoft.com for
"Troubleshooting Event 1202's".
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
----------------------------------------------------------
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1085
Date: 2/17/2005
Time: 6:48:44 AM
User: NT AUTHORITY\SYSTEM
Computer: TEC-CSTARNES
Description:
The Group Policy client-side extension Security failed to execute.
Please look for any errors reported earlier by that extension.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
----------------------------------------------------------
I've enabled verbose logging on Security CSE, and that's what winlogon shows
after that.
**************************
Make a local copy of
\\domain.dom\sysvol\domain.dom\Policies\{FE596A33-164A-4B54-A07D-076665420FDF}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
Process GP template gpt00000.inf.
-------------------------------------------
maandag 28 februari 2005 13:17:46
Error 1208: An extended error has occurred.
Error creating database.
----Configuration engine was initialized with one or more errors.----
**************************
Searching for solutions on Ms website and the web, I've found out that it's
probably a matter of corrupt local security database and/or log files.
So I'm going to try recreate the security database (probably next week cause
I can't do it now).
Well, let's say that recreating the security database solve the problem, the
matter now is:
1) How come many machines had their database corrupt? That seems very
strange to me, and I wonder if it could happen again in the future.
2) Since there are many machines involved, is it possible to solve this
problem in a centralized way, without having to logon to each machine
separately?
Thanks for any input...
.
- Prev by Date: Disable changing history settings
- Next by Date: Re: Disable changing history settings
- Previous by thread: Disable changing history settings
- Next by thread: Re: Setting rigth user using group policies
- Index(es):
Relevant Pages
|
