Re: Problem Not Solved....?
- From: "Steve Moffat" <steve@xxxxxxxxxxxxxxx>
- To: "Isa List" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 23 Apr 2003 22:17:23 +0100
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 10/16/1999
Time: 10:13:11 am
User: NT AUTHORITY\SYSTEM
Computer: COMPUTERNAME
Description: The Group Policy client-side extension Security was passed
flags (17) and returned a failure status code of (1332).
CAUSE
This issue can occur for any of the following reasons:
You installed a program, which creates user accounts and assigns rights
to those user accounts. Later, you remove the program, which deletes the
user accounts, but does not remove the rights from policy before the
accounts are deleted.
-or-
You add a user account and assign rights to the account. Later, you
delete the account, but you do not remove the account from the user
rights policy.
RESOLUTION
To resolve this issue, follow these steps:
Add the ExtensionDebugLevel DWORD value with the value data 2 to the
following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\
GPExtension\{827...}
NOTE: In the registry key, any GUID starting with "{827".
Under the command window, type secedit /refreshpolicy machine_policy
/enforce to generate the Winlogon.log file in the
Windows_folder\Security\Logs folder.
Restart the Netlogon service.
Search the Winlogon.log file for deleted user accounts.
Confirm that this user account is not located in any of the User Rights
Assignments in the Default Domain Controllers policy as well as in the
Local Security Policy, under the effective settings column.
For additional information about the User Rights Policy, click the
article number below to view the article in the Microsoft Knowledge
Base:
234237 Assign Log On locally Rights to Windows 2000 Domain Controller
NOTE: The preceding article describes how to add a user to the list. In
this case you use the same procedure except you delete a user account
from the list.
Steve
This E-Mail is confidential. It is not intended to be read, copied, disclosed
or used by any person other than the recipient.
Unauthorised use, disclosure, or copying is strictly prohibited and may be
unlawful. Optimum Computer Solutions disclaims any liability for any action
taken in connection of this E-Mail. The comments or statements expressed in
this E-Mail are not necessarily those of Optimum Computer Solutions or its
subsidiaries or affiliates.
usermanager@xxxxxxxxxxxxxxx
Other related posts:
