DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 278316 - Last Review: June 1, 2007 - Revision: 7.1

This article was previously published under Q278316

SYMPTOMS

The following event ID messages are logged every five minutes in the Application log:

Message 1

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 6/7/2000
Time: 2:56:53 PM
User: WINDOWS NT AUTHORITY\SYSTEM
Computer: ASKO-ONE
Description: The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (1208).

Message 2

Event Type: Warning
Event Source: SceCli
Event Category: None
Event ID: 1202
Date: 6/7/2000
Time: 2:56:53 PM
User: N/A
Computer: ASKO-ONE
Description: Security policies are propagated with warning. 0x4b8 : An extended error has occurred. Please look for more details in Troubleshooting section in Security Help.

Message 3

Event Type: Error
Event Source: ESENT
Event Category: Logging/Recovery
Event ID: 454
Date: 6/7/2000
Time: 2:56:53 PM
User: N/A
Computer: ASKO-ONE
Description: services (PID) Database recovery/restore failed with unexpected error -530.

Message 4

Event Type: Error
Event Source: ESENT
Event Category: Logging/Recovery
Event ID: 412
Date: 6/7/2000
Time: 2:56:53 PM
User: N/A
Computer: ASKO-ONE
Description: services (PID) Unable to read the log header. Error -530.

CAUSE

This issue occurs if the local Group Policy database file is corrupt.

RESOLUTION

To resolve this issue, use the procedure described in this section to re-create the local Group Policy file.

Important Implementing a security template on a domain controller may change the settings of the Default Domain Controller Policy or Default Domain Policy. The applied template may overwrite permissions on new files, registry keys and system services created by other programs. Restoring these policies might be necessary after applying a security template. Before performing these steps on a domain controller, create a backup of the SYSVOL share.

Note When you use the following procedure, your computer is returned to the original installation state where the Local Security Policy is not defined. You may have to start your computer in Safe mode to rename or move files. For additional information about how to do this, see Windows 2000 Help.
  1. Open the %SystemRoot%\Security folder, create a new folder, and then name it "OldSecurity".
  2. Move all of the files ending in .log from the %SystemRoot%\Security folder to the OldSecurity folder.
  3. Find the Secedit.sdb file in the %SystemRoot%\Security\Database folder, and then rename this file to "Secedit.old".
  4. Click Start, click Run, type mmc, and then click OK.
  5. Click Console, click Add/Remove Snap-in, and then add the Security and Configuration snap-in.
  6. Right-click Security and Configuration and Analysis, and then click Open Database.
  7. Browse to the %TEMP% folder, type Secedit.sdb in the File name box, and then click Open.
  8. When you are prompted to import a template, click Setup Security.inf, and then click Open.
  9. Copy %TEMP%\Secedit.sdb %SystemRoot%\Security\Database.

APPLIES TO
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Windows 2000 Server
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Professional
Keywords: 
kberrmsg kbprb KB278316
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support