Ghost deleted user accounts

  • Thread starter Thread starter Gregg Hill
  • Start date Start date
G

Gregg Hill

Hello!

I have a Windows 2000 domain that I inherited. It has an Application Log
filled with "Security policies are propagated with warning. 0x534" errors
every five minutes. An hour of Googling shows the problem is likely due to
deleted user accounts still being linked to group policies.

I have many ghost accounts starting with *S-1-5-21, but I cannot find out
how to delete those accounts. They do not show up in AD Users/Computers. How
do I delete all of them?

Thank you for the help!

Gregg Hill
 
You need to delete the unresolved SIDs from the group policies that are
hitting that server.
This can be done in the Active Directory Users and Computers MMC. When you
edit the policy you will see entries like you mentioned or make even
longer. These are usually in the user rights assignmnet section.

You can also use GPRESULT.EXE with the /V switch to get a list of what
Group Policies are hitting the machine.

Regards

IBTerry [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.
 
Back
Top