Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Troubleshooting
Research
Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

Getting a lot of Event ID: 1058 followed by Event ID: 1030 in event log

Avatar of alan-blair
alan-blairFlag for Australia asked on
Email ServersMicrosoft Legacy OSMicrosoft Server Apps
6 Comments1 Solution865 ViewsLast Modified:
I have an SBS 2003 server getting the following two events every couple of hours.

Recently this server was hacked by a SPAMMER. After changing the Administrator password and cleaning up exchange I see these events in the logs every day.

It is a very simple setup with a single server and a few PC's.

I found the following forum http://www.petri.co.il/forums/showthread.php?t=24870. It suggested using ADSIedit to remove the GP. However, I get access denied when I try to delet the object "CN={31B2F340-016D-11D2-945F-00C04FB984F9}"

Any suggestions on how to resolve this would be greatly appreciated.

 Source: Userenv
 Category: (0)
 Event ID: 1058
 User (If Applicable): BAIC\Administrator
 Computer: BAICSERVER
 Event Description: Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=BAIC,DC=local. The file must be present at the location <\\BAIC.local\sysvol\BAIC.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (Logon failure: unknown user name or bad password. ). Group Policy processing aborted.
 Event Log Name: Application
 Event Log Type: error
 Event Log Date Time: 2012-07-04 06:55:45


 Source: Userenv
 Category: (0)
 Event ID: 1030
 User (If Applicable): BAIC\Administrator
 Computer: BAICSERVER
 Event Description: Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.
 Event Log Name: Application
 Event Log Type: error
 Event Log Date Time: 2012-07-04 06:55:45
ASKER CERTIFIED SOLUTION
Avatar of mpbeavjr
mpbeavjrFlag of United States of America image

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Commented:
This problem has been solved!
Unlock 1 Answer and 6 Comments.
See Answers