• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 7085
  • Last Modified:

"The Group Policy security settings that apply to this machine could not be determined"

Windows 2003 Server, not running SP1.

When navigating to Security Options under Local Computer Policy>Windows Settings>Security Settings>Local Policies, I get the following, "The Group Policy security settings that apply to this machine could not be determined.  The error returned when trying to retreive these settings from the local security policy database (%windir%\security\database\secedit.sdb) was: The parameter is inccorrect."

(Forgive me if I misspelled anything.  Had to type that out.)

From what I've read so far, my security db is corrupt.  Fine.  Well, I've run the esenutl /r command, which tells me:

'Integrity check successful.'

With no errors.  But I still get the error in my .mmc.  I've tried rebuilding the database using:




and even


No joy.  I'm at a loss.  I'm not even sure what I changed that caused this.  I thought I was just changing this:


Because I was having trouble mapping a drive.

Any ideas would be greatly appreciated it.
  • 3
1 Solution
fetiAuthor Commented:
I should add that when I try KB 278316, I get a permissions error.  "access is denied.  Import Failed Make sure you have the right permissions to this object."  I'm logged in as admin.
fetiAuthor Commented:
And when I try 313222 I get the following:

'An extended error has occurred.

The task has completed with an error.
See log %windir%\security\logs\scesrv.log for detail info.'

The great part is, scesrv.log is empty.
you have DC?
what the error in event viewer?

fetiAuthor Commented:
Call to Microsoft fixed this.  Apparently doing this:

'LAN Manager Authentication Level set to Send LM and NTLM - use NTLMv2 session security if negotiated - (default) send LM & NTLM responses'

is a bad thing.  The Microsoft tech walked me through deleting two registry keys in HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>Control>MSV1_0 that referred to NTLM security.  I didn't copy down the names of the keys, unfortunately, but if you have anything other than (Default) and Auth2, that's probably the problem.

Oh, and he did this for no charge.  Woot me.

I'll be requesting a point refund.
Closed, 500 points refunded.
The Experts Exchange
Community Support Moderator of all Ages
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now