Event ID1000 and Event ID 1202 Messages Are Reported When You Set Security on the File Replication Service by Using Group Policy (284461)
The information in this article applies to:
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Advanced Server MultiLanguage Version
This article was previously published under Q284461 IMPORTANT: This article contains information about modifying the registry. Before you
modify the registry, make sure to back it up and make sure that you understand how to restore
the registry if a problem occurs. For information about how to back up, restore, and edit the
registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows Registry
SYMPTOMS
If you configure the Startup mode and security settings on the File Replication service (FRS) through Group Policy, the following error messages may be logged in the Application event log in Event Viewer:
Event Type: Warning
Event Source: SceCli
Event Category: None
Event ID: 1202
Date: 1/4/2001
Time: 1:01:30 PM
User: N/A
Computer: Server
Description:
Security policies are propagated with warning. 0x5 : Access is denied.
Please look for more details in Troubleshooting section in Security Help.
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 1/4/2001
Time: 1:01:30 PM
User: NT AUTHORITY\SYSTEM
Computer: Server
Description:
The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (5).
If you enable Security Configuration Client logging (which produces the Winlogon.log file), the following error message is logged in Winlogon.log:
Configure NtFrs.
Warning 5: Access is denied.
Error opening NtFrs.
General Service configuration completed with error.
CAUSE
This issue occurs because of the locked-down security that was originally set on the FRS through Group Policy. When you attempt to configure the FRS through Group Policy, the policy engine no longer has the permission to set security on the FRS and does not attempt to take ownership of the FRS.
RESOLUTIONWARNING: If you use Registry Editor incorrectly, you may cause serious problems that may
require you to reinstall your operating system. Microsoft cannot guarantee that you can solve
problems that result from using Registry Editor incorrectly. Use Registry Editor at your own
risk.
To reset security on the FRS:
- Navigate to the following policy in the Group Policy object (GPO) where security has been set on the FRS:
Computer Configuration\Windows Settings\Security Settings\System Services - Right-click File Replication Service and click Security.
- Give the System and Administrators groups Full Control permissions.
- Verify that the edited policy has been replicated to all domain controllers.
- Start Registry Editor (Regedt32.exe).
- Locate and click the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTFRS - Delete the Security subkey.
- Restart the computer.
To confirm that the security policy has been successfully applied, check for consecutive "Event ID 1704" messages in the Application event log.
MORE INFORMATION
This issue may also occur when you attempt to configure other computer services.
| Modification Type: | Minor | Last Reviewed: | 1/27/2006 |
|---|
| Keywords: | kbenv kberrmsg kbprb kbSecurity KB284461 |
|---|
|