Resolution for Event ID 1202

June 17th, 2020
By Noynim IT Solutions in Windows
Comments (0)

Sharing resolution steps for below group policy issue

Issue Description : The Application log on Windows Server contains Event ID 1202 with status code “0x534 : No mapping between account names and security IDs was done” every time security policy is applied.

Functional Loss : Group policy fails because of this

Steps performed to resolve this issue :

Checked AD replication,found it working fine
Checked SYSVOL status on DC and it was good
Checked AD and SYSVOL version for the GPO along with the settings and found it to be enabled
Since this is being applied at the domain level so went ahead and took access of server named
Checked RSOP.msc on the same
Found that policy is taking place but still not seeing the desired results
Checked detailed rsop mode
Found that security policy propagated with errors
This is the error code Security policies were propagated with warning. 0x534 : No mapping between account names and security IDs was done.
Event Id 1202 seen in application logs on the machine
Also seen red X in rsop for this setting
Did some research and followed these steps
Located and then click the following registry subkey:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F7 9F83A}

On the Edit menu, Changed value of below parameter

Value name: ExtensionDebugLevel

Changed its value to 2

This creates a file that is named Winlogon.log in the %SYSTEMROOT%\Security\Logs folder

Found the problem account. To do this, type the following at the command prompt, and then press ENTER:

find /i “cannot find” %SYSTEMROOT%\security\logs\winlogon.log

Got below result

C:\>find /i “cannot find” %SYSTEMROOT%\security\logs\winlogon.log

———- C:\WINDOWS\SECURITY\LOGS\WINLOGON.LOG

Cannot find Adminstrators.

This way figured out administrators is not the correct security principal which was added in the GPO
Corrected GPO and removed this security principal
Added correct one
Ran this command gpupdate/force on server now
Command executed successfully
Now seen successful event 1704 which says security policy processed without any errors
Now checked local users and groups management console
Found that now administrators group has local admin as a member in it
Achieved desired results

Reference Article :- https://support.microsoft.com/en-in/help/324383/troubleshooting-scecli-1202-events

Comment on Resolution for Event ID 1202

Leave a Reply

Nicholas Pool

14:38 27 Dec 18

Outstanding corporate IT services company. NOYNIM has a well experienced crew and an extremely responsive process in place to help their customers. Most of my company's help desk tickets are responded to within 30 minutes of request, and troubleshooting usually takes less than 15 minutes. I would recommend NOYNIM as a provider to anyone.

David Smith

18:28 28 Aug 18

Excellent IT services provider company in Denver.

Chad Lieberman

18:45 02 Aug 17

NOYNIM is a fantastic and client-focused IT company. Daniel and his team find creative and cost-effective solutions to a variety of IT issues. They are responsive, professional and efficient. I highly recommend NOYNIM.

Rita Lawrence

15:00 17 Oct 17

This company is fast, super responsive, and very professional!

Robert B. Wareham

16:51 30 Aug 17

Update: August 30, 2017 If I could give these guys more than 5 stars I would. They did a complete Windows Server upgrade this year and it went flawlessly. No one in the firm even knew it was going on. We now have the latest version of Windows Server and everything is working great. Dan and his crew are responsive and prompt. They are knowledgeable and competent. I look forward to years more of our partnership. Prior Review- 2015 After being promised the moon by so many IT companies I was skeptical when Daniel Noy told me that he could assure me a stable and secure IT environment. We were on the verge of a Windows Server SBS upgrade. Our prior IT company had set us up with a virtual server environment that never did work. Without billing me for hours of unproductive and expensive "planning and assessment" meetings Daniel and his team quickly determined our needs and implemented the server migration flawlessly. That was three or four years ago. Since that time Daniel and his staff have proved to be capable and responsive. The SBS server had some upgrade bugs that took hours, if not days, to troubleshoot with Microsoft's top level support people finally confirming it was a software bug. Daniel never gave up on the problem and pushed Microsoft on our behalf. As a trial lawyer I appreciate the need to advocate on behalf of a client. Daniel really went to bat for us. I don't toss endorsements around lightly as I live by my reputation of credibility and integrity. Daniel Noy shares those values. I know he has personally spent many late nights with his staff working to resolve issues as they arose. Noynim is responsive and capable. I don't worry about our network anymore. I give Daniel and Noynim my unqualified endorsement. Robert B. Wareham CEO and Attorney at Law The Law Center P.C. Highlands Ranch, Colorado

K Schwartz

19:27 03 Mar 15

Daniel and his staff are incredible. They make having an IT issue simple. Would highly recommend Noynim!

Marla Roper

20:43 06 Oct 19

Daniel and his team did an amazing job taking care of our office after we had a flood on Labor Day weekend. Their team took care of moving our computers and server and got our team up and running in no time! Everyone at Roper Insurance highly recommends Noymin!

J Maliar

16:56 27 Nov 19

Daniel and his crew really take very good care of us

Benjamin Bender

17:24 03 Apr 20

Noynim is a wonderful IT company and have exceeded our expectations from the first day we hired them.

Resolution for Event ID 1202

Share

Comment on Resolution for Event ID 1202