G
Guest
Hi MVP Sir,
I got the event id 1202 in my event viewer in Windows 2000 AD Server. then I
followed the 1202 event code instruction to solve the problem. the step:
open %windir%\Security\Logs\Winlogon.log, then show this follow error message.
Error 0 to send control flag 1 over to server.
GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
[Mapping] gpt00000.dom = Default Domain Policy
-------------------------------------------
----Un-initialize configuration engine...
[Mapping] gpt00001.inf = Default Domain Controllers Policy
-------------------------------------------
09/14/2007 06:04:21
----Un-initialize configuration engine...
-------------------------------------------
09/14/2007 06:04:21
----Configuration engine is initialized successfully.----
----Reading Configuration template info...
----Configure User Rights...
Configure S-1-5-32-544.
Configure S-1-5-32-551.
Configure S-1-5-21-531969533-277817386-569397357-500.
Configure S-1-5-21-531969533-277817386-569397357-6435.
Configure S-1-5-21-531969533-277817386-569397357-3205.
Configure S-1-5-21-531969533-277817386-569397357-6434.
Configure S-1-5-21-531969533-277817386-569397357-3206.
Configure Power Users.
Error 1332: No mapping between account names and security IDs was done.
Cannot find Power Users.
Configure S-1-5-32-545.
Configure S-1-1-0.
Configure S-1-5-6.
Configure S-1-5-21-531969533-277817386-569397357-3204.
Configure S-1-5-11.
User Rights configuration completed with error.
2. I go to group policy>computer configuation>security settings>Local
Polices>User Rights Assignment, then deleted these unmatch account.
3. But the Event ID also shows in the event viewer.
4. Then I check the gpt00001.inf file. I found out some unmatch SID in the
file.
SeBackupPrivilege = Backup Operators,Administrators
SeBatchLogonRight =
*S-1-5-21-531969533-277817386-569397357-500,*S-1-5-21-531969533-277817386-569397357-6435,*S-1-5-21-531969533-277817386-569397357-3205,*S-1-5-21-531969533-277817386-569397357-6434,*S-1-5-21-531969533-277817386-569397357-3206,Backup
Operators
SeCreatePagefilePrivilege = Administrators
SeIncreaseBasePriorityPrivilege = Administrators
SeIncreaseQuotaPrivilege = Administrators
SeInteractiveLogonRight = Backup
Operators,*S-1-5-21-531969533-277817386-569397357-3204,*S-1-5-21-531969533-277817386-569397357-3205,*S-1-5-21-531969533-277817386-569397357-6435,Administrators
SeLoadDriverPrivilege = Administrators
SeNetworkLogonRight =
Administrators,*S-1-5-21-531969533-277817386-569397357-6435,*S-1-5-21-531969533-277817386-569397357-3205,*S-1-5-21-531969533-277817386-569397357-6434,*S-1-5-21-531969533-277817386-569397357-3206,*S-1-5-11,Backup Operators
SeProfileSingleProcessPrivilege = Administrators
SeRemoteShutdownPrivilege = Administrators
SeRestorePrivilege = Backup Operators,Administrators
SeSecurityPrivilege = Administrators
SeServiceLogonRight = Backup Operators
SeShutdownPrivilege = Backup Operators,Administrators
SeSystemEnvironmentPrivilege = Administrators
SeSystemProfilePrivilege = Administrators
SeSystemTimePrivilege = Administrators
SeTakeOwnershipPrivilege = Administrators
SeTcbPrivilege = Backup Operators
SeEnableDelegationPrivilege = Administrators
SeMachineAccountPrivilege =
*S-1-5-21-531969533-277817386-569397357-500,*S-1-5-11
SeUndockPrivilege = Administrators
I want to try to delete these unmatch SID. But I worried affect the AD
performance or can not run AD in my office. That I do not delete these.
Question:
How can I solve this problem.
Why the winlogon file will show the "Cannot find Power Users"? . Because I
never config security permission to Power Users.
I had two DC in my office. If I delete unmatch SID, Does two DC Server need
to be deleted simultaneity?
Thank for your help appreciatively.
I got the event id 1202 in my event viewer in Windows 2000 AD Server. then I
followed the 1202 event code instruction to solve the problem. the step:
open %windir%\Security\Logs\Winlogon.log, then show this follow error message.
Error 0 to send control flag 1 over to server.
GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
[Mapping] gpt00000.dom = Default Domain Policy
-------------------------------------------
----Un-initialize configuration engine...
[Mapping] gpt00001.inf = Default Domain Controllers Policy
-------------------------------------------
09/14/2007 06:04:21
----Un-initialize configuration engine...
-------------------------------------------
09/14/2007 06:04:21
----Configuration engine is initialized successfully.----
----Reading Configuration template info...
----Configure User Rights...
Configure S-1-5-32-544.
Configure S-1-5-32-551.
Configure S-1-5-21-531969533-277817386-569397357-500.
Configure S-1-5-21-531969533-277817386-569397357-6435.
Configure S-1-5-21-531969533-277817386-569397357-3205.
Configure S-1-5-21-531969533-277817386-569397357-6434.
Configure S-1-5-21-531969533-277817386-569397357-3206.
Configure Power Users.
Error 1332: No mapping between account names and security IDs was done.
Cannot find Power Users.
Configure S-1-5-32-545.
Configure S-1-1-0.
Configure S-1-5-6.
Configure S-1-5-21-531969533-277817386-569397357-3204.
Configure S-1-5-11.
User Rights configuration completed with error.
2. I go to group policy>computer configuation>security settings>Local
Polices>User Rights Assignment, then deleted these unmatch account.
3. But the Event ID also shows in the event viewer.
4. Then I check the gpt00001.inf file. I found out some unmatch SID in the
file.
SeBackupPrivilege = Backup Operators,Administrators
SeBatchLogonRight =
*S-1-5-21-531969533-277817386-569397357-500,*S-1-5-21-531969533-277817386-569397357-6435,*S-1-5-21-531969533-277817386-569397357-3205,*S-1-5-21-531969533-277817386-569397357-6434,*S-1-5-21-531969533-277817386-569397357-3206,Backup
Operators
SeCreatePagefilePrivilege = Administrators
SeIncreaseBasePriorityPrivilege = Administrators
SeIncreaseQuotaPrivilege = Administrators
SeInteractiveLogonRight = Backup
Operators,*S-1-5-21-531969533-277817386-569397357-3204,*S-1-5-21-531969533-277817386-569397357-3205,*S-1-5-21-531969533-277817386-569397357-6435,Administrators
SeLoadDriverPrivilege = Administrators
SeNetworkLogonRight =
Administrators,*S-1-5-21-531969533-277817386-569397357-6435,*S-1-5-21-531969533-277817386-569397357-3205,*S-1-5-21-531969533-277817386-569397357-6434,*S-1-5-21-531969533-277817386-569397357-3206,*S-1-5-11,Backup Operators
SeProfileSingleProcessPrivilege = Administrators
SeRemoteShutdownPrivilege = Administrators
SeRestorePrivilege = Backup Operators,Administrators
SeSecurityPrivilege = Administrators
SeServiceLogonRight = Backup Operators
SeShutdownPrivilege = Backup Operators,Administrators
SeSystemEnvironmentPrivilege = Administrators
SeSystemProfilePrivilege = Administrators
SeSystemTimePrivilege = Administrators
SeTakeOwnershipPrivilege = Administrators
SeTcbPrivilege = Backup Operators
SeEnableDelegationPrivilege = Administrators
SeMachineAccountPrivilege =
*S-1-5-21-531969533-277817386-569397357-500,*S-1-5-11
SeUndockPrivilege = Administrators
I want to try to delete these unmatch SID. But I worried affect the AD
performance or can not run AD in my office. That I do not delete these.
Question:
How can I solve this problem.
Why the winlogon file will show the "Cannot find Power Users"? . Because I
never config security permission to Power Users.
I had two DC in my office. If I delete unmatch SID, Does two DC Server need
to be deleted simultaneity?
Thank for your help appreciatively.