Windows 2000 Domain Controller logging Event ID 1202 errors

Hello,

I have a couple of Windows 2000 Domain Controllers that are logging Event ID SceCli 1202 errors on a regular basis.  The complete error is as follows:

Security policies are propagated with warning. 0x57 : The parameter is incorrect.

I've looked through the winlogon.log file to see if I can find anything.  I do find one line that says completed with errors, but it doesn't state what the error is.  The snippet from winlogon.log is attached.(note the "Configure File Security section" that shows completed with errors")

Any ideas on what to look for?  Thanks.

11/14/2008 09:56:45
----Configuration engine is initialized successfully.----
 
----Reading Configuration template info...
 
 
----Configure User Rights...
	Configure S-1-5-21-1013974696-1236999600-1520766640-20005.
	Configure S-1-5-21-1013974696-1236999600-1520766640-9871.
	Configure S-1-5-21-1013974696-1236999600-1520766640-14037.
	Configure S-1-5-21-1013974696-1236999600-1520766640-512.
	Configure S-1-5-32-544.
	Configure S-1-5-32-551.
	Configure S-1-5-21-1013974696-1236999600-1520766640-500.
	Configure S-1-5-21-1013974696-1236999600-1520766640-13493.
	Configure S-1-5-21-1013974696-1236999600-1520766640-15993.
	Configure S-1-5-21-1013974696-1236999600-1520766640-16499.
	Configure S-1-5-21-1013974696-1236999600-1520766640-10993.
	Configure S-1-5-21-1013974696-1236999600-1520766640-15019.
	Configure S-1-5-21-1013974696-1236999600-1520766640-13492.
	Configure S-1-5-21-1013974696-1236999600-1520766640-15992.
	Configure S-1-5-21-1013974696-1236999600-1520766640-16500.
	Configure S-1-5-21-1013974696-1236999600-1520766640-10992.
	Configure S-1-5-21-1013974696-1236999600-1520766640-15020.
	Configure S-1-5-21-1013974696-1236999600-1520766640-19992.
	Configure S-1-5-18.
	Configure S-1-5-32-545.
	Configure S-1-5-21-73586283-261478967-839522115-1003.
	Configure S-1-5-6.
	Configure S-1-5-21-1013974696-1236999600-1520766640-20000.
	Configure S-1-5-21-1013974696-1236999600-1520766640-9895.
	Configure S-1-5-21-1013974696-1236999600-1520766640-8527.
	Configure S-1-5-11.
	Configure S-1-5-21-1013974696-1236999600-1520766640-1224.
	Configure S-1-5-21-1013974696-1236999600-1520766640-513.
	Configure S-1-5-21-1013974696-1236999600-1520766640-11994.
	Configure S-1-5-21-1013974696-1236999600-1520766640-11993.
	Configure S-1-1-0.
	Configure S-1-5-21-1013974696-1236999600-1520766640-11714.
	Configure S-1-5-21-1013974696-1236999600-1520766640-20003.
	Configure S-1-5-21-1013974696-1236999600-1520766640-9879.
	Configure S-1-5-21-1013974696-1236999600-1520766640-17506.
	Configure S-1-5-21-1013974696-1236999600-1520766640-10333.
	Configure S-1-5-21-1013974696-1236999600-1520766640-9864.
 
	User Rights configuration completed successfully.
 
 
----Configure Group Membership...
 
	Group Membership configuration completed successfully.
 
 
----Configure File Security...
 
	File security configuration completed with error.
 
 
----Configure Security Policy...
	Configure log settings.
 
	Audit/Log configuration completed successfully.
	Configure kerberos policy.
 
	Kerberos policy configuration completed successfully.
	Configure machine\software\microsoft\windows nt\currentversion\setup\recoveryconsole\securitylevel.
	Configure machine\software\microsoft\windows nt\currentversion\setup\recoveryconsole\setcommand.
	Configure machine\software\microsoft\windows nt\currentversion\winlogon\allocatecdroms.
	Configure machine\software\microsoft\windows nt\currentversion\winlogon\allocatedasd.
	Configure machine\software\microsoft\windows nt\currentversion\winlogon\allocatefloppies.
	Configure machine\software\microsoft\windows nt\currentversion\winlogon\cachedlogonscount.
	Configure machine\software\microsoft\windows nt\currentversion\winlogon\passwordexpirywarning.
	Configure machine\software\microsoft\windows nt\currentversion\winlogon\scremoveoption.
	Configure machine\software\microsoft\windows\currentversion\policies\system\disablecad.
	Configure machine\software\microsoft\windows\currentversion\policies\system\dontdisplaylastusername.
	Configure machine\software\microsoft\windows\currentversion\policies\system\legalnoticecaption.
	Configure machine\software\microsoft\windows\currentversion\policies\system\legalnoticetext.
	Configure machine\software\microsoft\windows\currentversion\policies\system\shutdownwithoutlogon.
	Configure machine\system\currentcontrolset\control\lsa\auditbaseobjects.
	Configure machine\system\currentcontrolset\control\lsa\crashonauditfail.
	Configure machine\system\currentcontrolset\control\lsa\fullprivilegeauditing.
	Configure machine\system\currentcontrolset\control\lsa\lmcompatibilitylevel.
	Configure machine\system\currentcontrolset\control\lsa\restrictanonymous.
	Configure machine\system\currentcontrolset\control\print\providers\lanman print services\servers\addprinterdrivers.
	Configure machine\system\currentcontrolset\control\session manager\memory management\clearpagefileatshutdown.
	Configure machine\system\currentcontrolset\control\session manager\protectionmode.
	Configure machine\system\currentcontrolset\services\lanmanserver\parameters\autodisconnect.
	Configure machine\system\currentcontrolset\services\lanmanserver\parameters\enableforcedlogoff.
	Configure machine\system\currentcontrolset\services\lanmanserver\parameters\enablesecuritysignature.
	Configure machine\system\currentcontrolset\services\lanmanserver\parameters\requiresecuritysignature.
	Configure machine\system\currentcontrolset\services\lanmanworkstation\parameters\enableplaintextpassword.
	Configure machine\system\currentcontrolset\services\lanmanworkstation\parameters\enablesecuritysignature.
	Configure machine\system\currentcontrolset\services\lanmanworkstation\parameters\requiresecuritysignature.
	Configure machine\system\currentcontrolset\services\netlogon\parameters\disablepasswordchange.
	Configure machine\system\currentcontrolset\services\netlogon\parameters\requiresignorseal.
	Configure machine\system\currentcontrolset\services\netlogon\parameters\requirestrongkey.
	Configure machine\system\currentcontrolset\services\netlogon\parameters\sealsecurechannel.
	Configure machine\system\currentcontrolset\services\netlogon\parameters\signsecurechannel.
 
	Registry values configuration completed successfully.
 
 
----Configure available attachment engines...
 
	Attachment engines configuration completed successfully.
 
 
----Un-initialize configuration engine...

Open in new window

mcascioAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mcascioAuthor Commented:
For the most part, that is the whole event.  But here it is:

Security policies are propagated with warning. 0x57 : The parameter is incorrect.

For best results in resolving this event, log on with a non-administrative account and search http://support.microsoft.com for "Troubleshooting Event 1202s".
0
mcascioAuthor Commented:
I found that there were two settings in Group Policy, either of which were causing this error.  The first was a file security right that referenced a file that did not exist.  The second was a file security right where the account listed did not have permissions set.  I removed both of these file system rights and the problem went away.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.