
Critical security hotfix causes event log warnings

Subject Author Date
Critical security hotfix causes event log warnings Joe_M 05-03-2007
Posted by Roger Abell [MVP] on May 8, 2007, 9:57 pm

> Sorry meant I have not been running SBS 2000. I and all my clients are
> on SBS 2003
>
> --
> Cris Hanna [SBS-MVP]

Whew - really glad here that you clarified that one !! :-)

Roger

>>I have not been running SBS (nor have any of my clients for 4 years) so
>>unfortunately I can't advise further
>>
>> --
>> Cris Hanna [SBS-MVP]
>> -------------------------------------------------
>> Microsoft MVPs
>> Independent Experts (MVPs do not work for MS)
>> Real World Answers
>> ---------------------------------------------------------
>> Please do not contact me directly regarding issues
>>
>>> Cris,
>>>
>>> Thanks for your reply. I started at eventid.net when I first noticed the
>>> problem.
>>>
>>> As for KB 260715, I looked at that and dismissed it.
>>>
>>> 1) It does not explain why installing KB925902 starts the problem and
>>> removing KB925902 stops the problem.
>>> 2) The administrator account is not renamed.
>>>
>>> As for KB 285903, I looked at that and dismissed it.
>>>
>>> 1) It does not explain why installing KB925902 starts the problem and
>>> removing KB925902 stops the problem.
>>> 2) There are references to the Power Users Group in the User Rights
>>> Assignment branch, but the references came "out of the box" and are
>>> nothing I added.
>>> 3) Winlogon.log has no errors (other than Error 0 as a normal return)
>>> and does not contain the error message referred to in 285903 or even the
>>> characters "power".
>>>
>>> Have you installed KB925902 on SBS 2000 without getting this problem?
>>>
>>> Joe M
>>>
>>> "Cris Hanna [SBS-MVP]"
>>>> www.eventid.net shows the following regarding your issue
>>>>
>>>> Error code 0x4b8 (decimal 1208) - "An extended error occurred". See KB
>>>> 260715 - A conflict in Group Policy can cause these events to occur.
>>>> These error messages can occur if the "Rename Administrator Account"
>>>> security policy is enabled and then set to an account name that is
>>>> already in use. Also, as per KB 285903, to resolve this behavior,
>>>> remove all references to the Power Users group in the Local Security
>>>> settings.
>>>>
>>>> --
>>>> Cris Hanna [SBS-MVP]
>>>> -------------------------------------------------
>>>> Microsoft MVPs
>>>> Independent Experts (MVPs do not work for MS)
>>>> Real World Answers
>>>> ---------------------------------------------------------
>>>> Please do not contact me directly regarding issues
>>>>
>>>>>I started getting Application warnings shortly after I installed the
>>>>>critical hotfix KB 925902 on my SBS 2000 server and restarted. They
>>>>>continued every 5 minutes apart until I uninstalled the hotfix a week
>>>>>later.
>>>>>
>>>>> Troubleshooting articles I found all suggested that the cause was some
>>>>> form of corruption in the security database. As directed, I ran
>>>>> "esentutl.exe /q C:\WINNT\security\database\secedit.sdb". I got no
>>>>> errors. I have had no problems looking at and changing security
>>>>> policies.
>>>>>
>>>>> What's the underlying cause of the problem? How do I fix this so that
>>>>> I can keep the hotfix installed?
>>>>>
>>>>> Is there a better newsgroup for this question?
>>>>>
>>>>> The SBS 2000 Server is running Exchange and SQL. All are on current
>>>>> service packs.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Joe M
>>>>>
>>>>> ----------------------------------------------
>>>>>
>>>>> This is a cut/paste of the first warning event:
>>>>>
>>>>> Event Type: Warning
>>>>> Event Source: SceCli
>>>>> Event Category: None
>>>>> Event ID: 1202
>>>>> Date: 4/9/2007
>>>>> Time: 10:25:12 AM
>>>>> User: N/A
>>>>> Computer: MY-SBS
>>>>> Description:
>>>>> Security policies are propagated with warning. 0x4b8 : An extended
>>>>> error has
>>>>> occurred.
>>>>>
>>>>> For best results in resolving this event, log on with a
>>>>> non-administrative
>>>>> account and search http://support.microsoft.com for "Troubleshooting
>>>>> Event
>>>>> 1202s".
>>>>>
>>>>> I kept getting these warning events every 5 minutes until I
>>>>> uninstalled KB925902. After the restart I got:
>>>>>
>>>>> Event Type: Information
>>>>> Event Source: SceCli
>>>>> Event Category: None
>>>>> Event ID: 1704
>>>>> Date: 4/17/2007
>>>>> Time: 10:35:20 PM
>>>>> User: N/A
>>>>> Computer: BIAGINI-SBS
>>>>> Description:
>>>>> Security policy in the Group policy objects are applied
>>>>> successfully.
>>>>>
>>>>> I have had no SceCli warning events since.



Posted by Roger Abell [MVP] on May 8, 2007, 10:04 pm
Joe,

I am not certain as to the stage in the support lifecycle your
rev of SBS 2k is at, but if it is current and fully supported, then it
seems to me you have done your leg work and perhaps should
allow MS to do its. If you call the PCSafety number, you
should be able to open a free incident due to the inability
to apply a needed security patch.
http://support.microsoft.com/gp/securityitpro

Roger

> Cris,
>
> Thanks for your reply. I started at eventid.net when I first noticed the
> problem.
>
> As for KB 260715, I looked at that and dismissed it.
>
> 1) It does not explain why installing KB925902 starts the problem and
> removing KB925902 stops the problem.
> 2) The administrator account is not renamed.
>
> As for KB 285903, I looked at that and dismissed it.
>
> 1) It does not explain why installing KB925902 starts the problem and
> removing KB925902 stops the problem.
> 2) There are references to the Power Users Group in the User Rights
> Assignment branch, but the references came "out of the box" and are
> nothing I added.
> 3) Winlogon.log has no errors (other than Error 0 as a normal return) and
> does not contain the error message referred to in 285903 or even the
> characters "power".
>
> Have you installed KB925902 on SBS 2000 without getting this problem?
>
> Joe M
>
>> www.eventid.net shows the following regarding your issue
>>
>> Error code 0x4b8 (decimal 1208) - "An extended error occurred". See KB
>> 260715 - A conflict in Group Policy can cause these events to occur.
>> These error messages can occur if the "Rename Administrator Account"
>> security policy is enabled and then set to an account name that is
>> already in use. Also, as per KB 285903, to resolve this behavior, remove
>> all references to the Power Users group in the Local Security settings.
>>
>> --
>> Cris Hanna [SBS-MVP]
>> -------------------------------------------------
>> Microsoft MVPs
>> Independent Experts (MVPs do not work for MS)
>> Real World Answers
>> ---------------------------------------------------------
>> Please do not contact me directly regarding issues
>>
>>>I started getting Application warnings shortly after I installed the
>>>critical hotfix KB 925902 on my SBS 2000 server and restarted. They
>>>continued every 5 minutes apart until I uninstalled the hotfix a week
>>>later.
>>>
>>> Troubleshooting articles I found all suggested that the cause was some
>>> form of corruption in the security database. As directed, I ran
>>> "esentutl.exe /q C:\WINNT\security\database\secedit.sdb". I got no
>>> errors. I have had no problems looking at and changing security
>>> policies.
>>>
>>> What's the underlying cause of the problem? How do I fix this so that I
>>> can keep the hotfix installed?
>>>
>>> Is there a better newsgroup for this question?
>>>
>>> The SBS 2000 Server is running Exchange and SQL. All are on current
>>> service packs.
>>>
>>> Thanks,
>>>
>>> Joe M
>>>
>>> ----------------------------------------------
>>>
>>> This is a cut/paste of the first warning event:
>>>
>>> Event Type: Warning
>>> Event Source: SceCli
>>> Event Category: None
>>> Event ID: 1202
>>> Date: 4/9/2007
>>> Time: 10:25:12 AM
>>> User: N/A
>>> Computer: MY-SBS
>>> Description:
>>> Security policies are propagated with warning. 0x4b8 : An extended
>>> error has
>>> occurred.
>>>
>>> For best results in resolving this event, log on with a
>>> non-administrative
>>> account and search http://support.microsoft.com for "Troubleshooting
>>> Event
>>> 1202s".
>>>
>>> I kept getting these warning events every 5 minutes until I uninstalled
>>> KB925902. After the restart I got:
>>>
>>> Event Type: Information
>>> Event Source: SceCli
>>> Event Category: None
>>> Event ID: 1704
>>> Date: 4/17/2007
>>> Time: 10:35:20 PM
>>> User: N/A
>>> Computer: BIAGINI-SBS
>>> Description:
>>> Security policy in the Group policy objects are applied successfully.
>>>
>>> I have had no SceCli warning events since.


