Event ID 1202 - I have searched for the answer and cannot find it - Windows 2000 SP4

Frist let me say I have been looking through this website to find an answer and have not found one - Basically I get the error - But read below the error to see what I have done -

Security policies are propagated with warning. 0x534 : No mapping between account names and security IDs was done.

For best results in resolving this event, log on with a non-administrative account and search http://support.microsoft.com for "troubleshooting 1202 events".
A user account in one or more Group policy objects (GPOs) could not be resolved to a SID. This error is possibly caused by a mistyped nor deleted user account referenced in either the User Rights or Restricted Groups branch of a GPO.  To resolve this event, contact an administrator in the domain to perform the following actions:

1.Identify accounts that could not be resolved to a SID: From the command prompt, type: FIND /I "Cannot find" %SYSTEMROOT%\Security\Logs\winlogon.log
The string following "Cannot find" in the FIND output identifies the problem account names.
Example: Cannot find JohnDough.
In this case, the SID for username "JohnDough" could not be determined. This most likely occurs because the account was deleted, renamed, or is spelled differently (e.g. "JohnDoe").

2.Identify the GPOs that contain the unresolvable account name:
From the command prompt type FIND /I "JohnDough" %SYSTEMROOT%\Security\templates\policies\gpt*.*
      The output of the FIND command will resemble the following:
      ---------- GPT00000.DOM
      ---------- GPT00001.DOM
      SeRemoteShutdownPrivilege=JohnDough
      This indicates that of all the GPO’s being applied to this machine,  the unresolvable account exists only in one GPO.  Specifically, the cached GPO named GPT00001.DOM.
      Now we need to determine the friendly name of this GPO in the next step.

3. Locate the friendly names of each of the GPOs that contain an unresolvable account name.  These GPOs were identified in the previous step.
From the command prompt, type: FIND /I "[Mapping]" %SYSTEMROOT%\Security\Logs\winlogon.log
      The string following "[Mapping] gpt0000?.dom =" in the FIND output identifies the friendly names for all GPO’s being applied to this machine.
      Example: [Mapping] gpt00001.dom = User Rights Policy
      In this case, the GPO that contains the unresolvable account (gpt00001.dom) has a friendly name of "User Rights Policy".

4. Remove unresolved accounts from each GPO that contains an unresolvable account.
      a. Start -> Run -> MMC.EXE
      b. From the File menu select "Add/Remove Snap-in…"
      c. From the "Add/Remove Snap-in" dialog box select "Add…"
      d. In the "Add Standalone Snap-in" dialog box select "Group Policy" and click "Add"
      e. In the "Select Group Policy Object" dialog box click the "Browse" button.
      f. On the "Browse for a Group Policy Object" dialog box choose the "All" tab
      g. Right click on the first policy identified in step 3 and choose edit
      h.      Review each setting under Computer Configuration/ Windows Settings/ Security Settings/ Local Policies/ User Rights
       Assignment or Computer Configuration/ Windows Settings/ SecuritySettings/ Restricted Groups for accounts identified in step 1.
      i. Repeat steps 3g and 3h for all subsequent GPOs identified in step 3.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


I did exactly what the error asked me to do and foudn out from step one it is a Power User

Step 2 - I had the GPT0000.DOM,GPT0001.DOM and GPT0002.INF

Step 3 - Location is the Default Domain Policy and Controller Policy

Step 4 is where I am getting lost - What do I need to do to fix this problem?

Thanks
LVL 2
modest911Asked:
Who is Participating?
 
EE_AutoDeleterConnect With a Mentor Commented:
modest911,
Because you have presented a solution to your own problem which may be helpful to future searches, this question is now PAQed and your points have been refunded.

EE_AutoDeleter
0
 
modest911Author Commented:
Fixed - I removed the logon locally admin policy - put back in - error is gone - please close -
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.