Event ID 1000, 1202, 412 ja 454 (server 2003)

Event ID virheet ja varoitukset
eero
Site Admin
Viestit: 329
Liittynyt: 07 Marras 2007 20:17

Event ID 1000, 1202, 412 ja 454 (server 2003)

Viesti Kirjoittaja eero »

ESENT event IDs 1000, 1202, 412, and 454 are logged repeatedly in the Application log View products that this article applies to.

Article ID : 278316
Last Review : June 1, 2007
Revision : 7.1
This article was previously published under Q278316

SYMPTOMS
The following event ID messages are logged every five minutes in the Application log:

Message 1
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 6/7/2000
Time: 2:56:53 PM
User: WINDOWS NT AUTHORITY\SYSTEM
Computer: ASKO-ONE
Description: The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (1208).

Message 2
Event Type: Warning
Event Source: SceCli
Event Category: None
Event ID: 1202
Date: 6/7/2000
Time: 2:56:53 PM
User: N/A
Computer: ASKO-ONE
Description: Security policies are propagated with warning. 0x4b8 : An extended error has occurred. Please look for more details in Troubleshooting section in Security Help.

Message 3
Event Type: Error
Event Source: ESENT
Event Category: Logging/Recovery
Event ID: 454
Date: 6/7/2000
Time: 2:56:53 PM
User: N/A
Computer: ASKO-ONE
Description: services (PID) Database recovery/restore failed with unexpected error -530.

Message 4
Event Type: Error
Event Source: ESENT
Event Category: Logging/Recovery
Event ID: 412
Date: 6/7/2000
Time: 2:56:53 PM
User: N/A
Computer: ASKO-ONE
Description: services (PID) Unable to read the log header. Error -530.


CAUSE
This issue occurs if the local Group Policy database file is corrupt.


RESOLUTION
To resolve this issue, use the procedure described in this section to re-create the local Group Policy file.

Important Implementing a security template on a domain controller may change the settings of the Default Domain Controller Policy or Default Domain Policy. The applied template may overwrite permissions on new files, registry keys and system services created by other programs. Restoring these policies might be necessary after applying a security template. Before performing these steps on a domain controller, create a backup of the SYSVOL share.

Note When you use the following procedure, your computer is returned to the original installation state where the Local Security Policy is not defined. You may have to start your computer in Safe mode to rename or move files.

1. Open the %SystemRoot%\Security folder, create a new folder, and then name it "OldSecurity".
2. Move all of the files ending in .log from the %SystemRoot%\Security folder to the OldSecurity folder.
3. Find the Secedit.sdb file in the %SystemRoot%\Security\Database folder, and then rename this file to "Secedit.old".
4. Click Start, click Run, type mmc, and then click OK.
5. Click Console, click Add/Remove Snap-in, and then add the Security and Configuration snap-in.
6. Right-click Security and Configuration and Analysis, and then click Open Database.
7. Browse to the %TEMP% folder, type Secedit.sdb in the File name box, and then click Open.
8. When you are prompted to import a template, click Setup Security.inf, and then click Open.
9. Copy %TEMP%\Secedit.sdb %SystemRoot%\Security\Database.

APPLIES TO
• Microsoft Windows 2000 Advanced Server
• Microsoft Windows 2000 Professional Edition
• Microsoft Windows 2000 Server
• Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
• Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
• Microsoft Windows Server 2003, Standard Edition (32-bit x86)
• Microsoft Windows Server 2003, Web Edition
• Microsoft Windows XP Home Edition
• Microsoft Windows XP Professional
eero
Site Admin
Viestit: 329
Liittynyt: 07 Marras 2007 20:17

Re: Event ID 1000, 1202, 412 ja 454

Viesti Kirjoittaja eero »

At Startup, Error 1332 Occurs, Message Reports Lack of Mapping Between Account Names and Security IDs, Inability to Find Power Users
View products that this article applies to.

Article ID : 285903
Last Review : March 1, 2007
Revision : 2.2
This article was previously published under Q285903

SYMPTOMS
When you start your Windows 2000-based computer, Event Viewer may record Event IDs 1202 and 1000 occurring approximately every 5 minutes:


Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Description: The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (1208).


Event Type: Warning
Event Source: SceCli
Event Category: None
Event ID: 1202
Description: Security policies are propagated with warning. 0x4b8 : An extended error has occurred. Please look for more details in TroubleShooting section in Security Help.

When you review the Winlogon.log file, you observe the following error message:

Error 1332: No mapping between account names and security IDs was done. Cannot find Power Users.

RESOLUTION
To resolve this behavior, remove all references to the Power Users group in the Local Security settings. Follow these steps:

1. Click Start, point to Settings, and then click Control Panel.
2. Double-click Administrative Tools, and then double-click Local Security Policy.
3. Click Local Policies, and then click User Rights Assignment.
4. Double-click each item under User Rights Assignments to see whether the item contains the Power Users group. When you find a policy item that contains the Power Users group, click to clear the Power Users check box and then click OK.
5. Restart the computer and review the Winlogon.log file and Event Viewer to make sure that the error messages no longer occur.


APPLIES TO• Microsoft Windows 2000 Server
• Microsoft Windows 2000 Advanced Server
• Microsoft Windows 2000 Datacenter Server
• Microsoft Windows 2003 Server (****Mahdollisesti jos eka ohje ei auttanut. Kannattaa kokeilla****)
Vastaa Viestiin