m1975Michael

SceCli 1202 Events in App Log

8 posts in this topic

Hello,

I have Windows Server 2008 R2. I am receiving Event 1202, SceCli: Security policies were propagated with warning. 0x534 : No mapping between account names and security IDs was done. I get this error: Cannot find IIS AppPool\Classic .NET AppPool. I reviewed this article http://support.microsoft.com/kb/977695. I found that I do have the "IIS AppPool\" prefix in front of my Classic .NET AppPool. The hotfix when run says it is not applicable for this computer. I am at a loss how to resolve this issue. Any assistance would be greatly appreciated.

Michael

Default Domain Controllers Policy.htm

0

Share this post


Link to post
Share on other sites

If the hotfix doesn't install it could be that you didn't select the right architecture. Are you sure you downloaded the X64 one ?

0

Share this post


Link to post
Share on other sites

If the hotfix doesn't install it could be that you didn't select the right architecture. Are you sure you downloaded the X64 one ?

I rechecked to be sure but it is the x64 version. Microsoft sends you a link to download it, when you extract the files both are 64 bit, both give the same message when executed.

0

Share this post


Link to post
Share on other sites

As i understood the MS KB, you have to have the Hotfix and re-apply the gpo ( perhaps by disabling it on this server and re-enabling it after checking it doesn't apply anymore) which is setting those specific rights.

0

Share this post


Link to post
Share on other sites

As i understood the MS KB, you have to have the Hotfix and re-apply the gpo ( perhaps by disabling it on this server and re-enabling it after checking it doesn't apply anymore) which is setting those specific rights.

The GPO is the Default Domain Controllers Policy. Is safe to unlink it and run gpupdate /force and then relink li? This server is in production.

0

Share this post


Link to post
Share on other sites

Not safe at all !!!

You should modify the GPO twice (removing only the problematic user in the right assignment part that is causing the problem then wait for it to apply then re-add the user you removed). You sh(/c)ould make a backup of the gpo (and also a report) to be on the safer side but don't use the backup to re-add the user.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.