scecli 0x534 event id 1202

I am repeatedly getting error scecli 0x534 event id 1202 on my AD and have identified the user as well.
He used to be an account operator and left the organization sometime ago and his account has been deleted.

I can see his username still appearing under Resultant Set of Policy >> User Rights Assignment, Allow log on locally with a red X in front of it.
His username is there but the remove option has been disabled

How can i remove from that list??
LVL 14
shahzoorAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
ARK-DSConnect With a Mentor Commented:
Hello,

PLease run this command to find what users do not have SID resolved.

find /i "cannot find" %SYSTEMROOT%\security\logs\winlogon.log

Now once you get the output, run RSOP.MSC, check the setting that is giving you 1202, check from which GPO it is coming.
Say for example it is coming from Default Domain Policy, then edit the default domain policy to remove that user form the setting.

The reason why the option to remove the user is greyed out is because you are trying to remove it from RSOP output. Just check the GPO and edit that GPO to remove the user.

Regards,

Arun.
0
 
Mike ThomasConsultantCommented:
You could try useing adsiedit to drill down to the OU where the account was and see if it is lurking.

Also was his account deleted or renamed?
0
 
shahzoorAuthor Commented:
it was deleted
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Mike ThomasConsultantCommented:
Ok check using adsiedit.msc, connect to configuration then drill down to the OU where the user was.
0
 
shahzoorAuthor Commented:
on resultant set of policy the computer setting is
Server Operator, Print Operator,Backup Operator,  USERNAME OF DELETED ACCOUNT, Administrators, Operators
Source GPO = Default Domain Controller Policy

When im checking using adsiedit.msc, his name is appearing no where
i have checked OU of Domain & configuration but nothing appears there.
Isn't there an option to search?
0
 
shahzoorAuthor Commented:
thanks alot :)
0
All Courses

From novice to tech pro — start learning today.