alan-blair
asked on
Getting a lot of Event ID: 1058 followed by Event ID: 1030 in event log
I have an SBS 2003 server getting the following two events every couple of hours.
Recently this server was hacked by a SPAMMER. After changing the Administrator password and cleaning up exchange I see these events in the logs every day.
It is a very simple setup with a single server and a few PC's.
I found the following forum http://www.petri.co.il/for ums/showth read.php?t =24870. It suggested using ADSIedit to remove the GP. However, I get access denied when I try to delet the object "CN={31B2F340-016D-11D2-94 5F-00C04FB 984F9}"
Any suggestions on how to resolve this would be greatly appreciated.
Recently this server was hacked by a SPAMMER. After changing the Administrator password and cleaning up exchange I see these events in the logs every day.
It is a very simple setup with a single server and a few PC's.
I found the following forum http://www.petri.co.il/for
Any suggestions on how to resolve this would be greatly appreciated.
Source: Userenv
Category: (0)
Event ID: 1058
User (If Applicable): BAIC\Administrator
Computer: BAICSERVER
Event Description: Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=BAIC,DC=local. The file must be present at the location <\\BAIC.local\sysvol\BAIC.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (Logon failure: unknown user name or bad password. ). Group Policy processing aborted.
Event Log Name: Application
Event Log Type: error
Event Log Date Time: 2012-07-04 06:55:45
Source: Userenv
Category: (0)
Event ID: 1030
User (If Applicable): BAIC\Administrator
Computer: BAICSERVER
Event Description: Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.
Event Log Name: Application
Event Log Type: error
Event Log Date Time: 2012-07-04 06:55:45
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Any luck?
ASKER
Sorry for the delay guys.
Just after posting this question this customer lost all internet. It turned out that the guys wife took a telemarketing call from an ISP. Whithout her realising it their Optus business internet service was disconnected and a Telstra home internet service was ordered.
This was finally resolved onThursday last week.
Strangely, since that time I have not seen any of these errors occuring. Therefore I'll close this questions and distribute points for your efforts in helping me.
Just after posting this question this customer lost all internet. It turned out that the guys wife took a telemarketing call from an ISP. Whithout her realising it their Optus business internet service was disconnected and a Telstra home internet service was ordered.
This was finally resolved onThursday last week.
Strangely, since that time I have not seen any of these errors occuring. Therefore I'll close this questions and distribute points for your efforts in helping me.
ASKER