Re: Security Policy Error

From: Steven L Umbach (
Date: 12/02/04

Date: Thu, 02 Dec 2004 19:58:30 GMT is a great place to track down info on event ID's as
results are shown in the link below for your error.
 -- event 1202
-- event 427

Error code 0x5 (decimal 5) - Access is denied. This issue occurs because of
the locked-down security that was originally set on the FRS through Group
Policy. When you attempt to configure the FRS through Group Policy, the
policy engine no longer has the permission to set security on the FRS and
does not attempt to take ownership of the FRS. See Q284461 for resolution -- possible fix??

Also check your security permissions to the \winnt and winnt\security
folders to make sure that administrators and system have full control or
another possibility is that the local secedit.sdb is corrupt and the link
below may help with that. --- Steve

"Ben" <> wrote in message
> Hi,
> I'm receiving 2 reoccuring errors (below) in my application event log.
> They
> seem to be something to do with the security policies, however I've
> checked
> through all our GPOs and can't find anything wrong. I looked on
> and also for some possible solutions, and I found the
> following;en-us;324383
> in
> the section covering "0x5: Access denied:" there is a procedure to enable
> debugging, in step 3 you run a find query on the winlogon.log file to find
> any service with misconfigured permissions, however my search did not
> return
> any errors so I was unable to proceed to the next step. Can anyone provide
> any assistance? We're running a Win2000 domain, with 2 win2000 SP4 DCs.
> Cheers
> Ben
> Event Type: Error
> Event Source: ESENT
> Event Category: General
> Event ID: 427
> Date: 02/12/2004
> Time: 14:52:10
> User: N/A
> Computer: GBSERV2-2K
> Description:
> services (256) The database engine could not access the file called
> C:\WINNT\Security\edb.log.
> Event Type: Warning
> Event Source: SceCli
> Event Category: None
> Event ID: 1202
> Date: 02/12/2004
> Time: 14:52:10
> User: N/A
> Computer: GBSERV2-2K
> Description:
> Security policies are propagated with warning. 0x5 : Access is denied.
> For best results in resolving this event, log on with a non-administrative
> account and search for "Troubleshooting Event
> 1202s".

Relevant Pages

  • Re: Policy from old domain applying to computers in new domain...
    ... To remove the old permissions (Which you won't easily ... You may be surprised how much security is ... using ADMT to a new domain would only receive policy from the new domain. ... future bothers me. ...
  • Re: Password problem .
    ... Check their account properites/account in AD to make sure that user can not ... We have a policy on the domain to change a ... > anonymous permissions is not enable in the Local Security ...
  • Re: Preventing browsing
    ... permissions are restrictive enough to prevent them from doing damage. ... ntfs permissions for the everyone group to read/list/execute. ... effective settings in Local Security Policy for those configurations. ...
  • Re: Permissions assignment ?
    ... has permissions for everyone will allow ... If you do such you may need to modify the security ... Security Policy under security settings/local policies/security options ... > with a login prompt when they try to access the share. ...
  • Fwd: Oh Dear, Where to start?!
    ... It seems to me you need two things: an organizational policy, ... finish college and break into the real world of computer security. ... experience in the field of network security and policy ... updates, driver updates, and recommended updates. ...