Microsoft KB Archive/278316

= ESENT event IDs 1000, 1202, 412, and 454 are logged repeatedly in the Application log =

Article ID: 278316

Article Last Modified on 6/1/2007

-

APPLIES TO


 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows 2000 Server
 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Server 2003, Web Edition
 * Microsoft Windows XP Home Edition
 * Microsoft Windows XP Professional

-



This article was previously published under Q278316



SYMPTOMS
The following event ID messages are logged every five minutes in the Application log:

Message 1 Event Type: Error

Event Source: Userenv

Event Category: None

Event ID: 1000

Date: 6/7/2000

Time: 2:56:53 PM

User: WINDOWS NT AUTHORITY\SYSTEM

Computer: ASKO-ONE

Description: The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (1208).

Message 2 Event Type: Warning

Event Source: SceCli

Event Category: None

Event ID: 1202

Date: 6/7/2000

Time: 2:56:53 PM

User: N/A

Computer: ASKO-ONE

Description: Security policies are propagated with warning. 0x4b8 : An extended error has occurred. Please look for more details in Troubleshooting section in Security Help.

Message 3 Event Type: Error

Event Source: ESENT

Event Category: Logging/Recovery

Event ID: 454

Date: 6/7/2000

Time: 2:56:53 PM

User: N/A

Computer: ASKO-ONE

Description: services (PID) Database recovery/restore failed with unexpected error -530.

Message 4 Event Type: Error

Event Source: ESENT

Event Category: Logging/Recovery

Event ID: 412

Date: 6/7/2000

Time: 2:56:53 PM

User: N/A

Computer: ASKO-ONE

Description: services (PID) Unable to read the log header. Error -530.



CAUSE
This issue occurs if the local Group Policy database file is corrupt.



RESOLUTION
To resolve this issue, use the procedure described in this section to re-create the local Group Policy file.

Important Implementing a security template on a domain controller may change the settings of the Default Domain Controller Policy or Default Domain Policy. The applied template may overwrite permissions on new files, registry keys and system services created by other programs. Restoring these policies might be necessary after applying a security template. Before performing these steps on a domain controller, create a backup of the SYSVOL share.

Note When you use the following procedure, your computer is returned to the original installation state where the Local Security Policy is not defined. You may have to start your computer in Safe mode to rename or move files. For additional information about how to do this, see Windows 2000 Help.
 * 1) Open the %SystemRoot%\Security folder, create a new folder, and then name it &quot;OldSecurity&quot;.
 * 2) Move all of the files ending in .log from the %SystemRoot%\Security folder to the OldSecurity folder.
 * 3) Find the Secedit.sdb file in the %SystemRoot%\Security\Database folder, and then rename this file to &quot;Secedit.old&quot;.
 * 4) Click Start, click Run, type mmc, and then click OK.
 * 5) Click Console, click Add/Remove Snap-in, and then add the Security and Configuration snap-in.
 * 6) Right-click Security and Configuration and Analysis, and then click Open Database.
 * 7) Browse to the %TEMP% folder, type Secedit.sdb in the File name box, and then click Open.
 * 8) When you are prompted to import a template, click Setup Security.inf, and then click Open.
 * 9) Copy %TEMP%\Secedit.sdb %SystemRoot%\Security\Database.

Additional query words: Secedit sdb

Keywords: kberrmsg kbprb KB278316

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.