This article was previously published under Q278316
The following event ID messages are logged every five minutes in the Application log:
Event Type: Error Event Source: Userenv Event Category: None Event ID: 1000 Date: 6/7/2000 Time: 2:56:53 PM User: WINDOWS NT AUTHORITY\SYSTEM Computer: ASKO-ONE Description:The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (1208).
Event Type: Warning Event Source: SceCli Event Category: None Event ID: 1202 Date: 6/7/2000 Time: 2:56:53 PM User: N/A Computer: ASKO-ONE Description:Security policies are propagated with warning. 0x4b8 : An extended error has occurred.Please look for more details in Troubleshooting section in Security Help.
This issue occurs if the local Group Policy database file is corrupt.
To resolve this issue, use the procedure described in this section to re-create the local Group Policy file.
Important Implementing a security template on a domain controller may change the settings of the Default Domain Controller Policy or Default Domain Policy. The applied template may overwrite permissions on new files, registry keys and system services created by other programs. Restoring these policies might be necessary after applying a security template. Before performing these steps on a domain controller, create a backup of the SYSVOL share.
Note When you use the following procedure, your computer is returned to the original installation state where the Local Security Policy is not defined. You may have to start your computer in Safe mode to rename or move files. For additional information about how to do this, see Windows 2000 Help.
Open the %SystemRoot%\Security folder, create a new folder, and then name it "OldSecurity".
Move all of the files ending in .log from the %SystemRoot%\Security folder to the OldSecurity folder.
Find the Secedit.sdb file in the %SystemRoot%\Security\Database folder, and then rename this file to "Secedit.old".
Click Start, click Run, type mmc, and then click OK.
Click Console, click Add/Remove Snap-in, and then add the Security and Configuration snap-in.
Right-click Security and Configuration and Analysis, and then click Open Database.
Browse to the %TEMP% folder, type Secedit.sdb in the File name box, and then click Open.
When you are prompted to import a template, click Setup Security.inf, and then click Open.