This article has been archived. It is offered "as is" and will no longer be updated.
If you configure the Startup mode and security settings on the File Replication service (FRS) through Group Policy, the following error messages may be logged in the Application event log in Event Viewer:
Event Type: Warning Event Source: SceCli Event Category: None Event ID: 1202 Date: 1/4/2001 Time: 1:01:30 PM User: N/A Computer: Server Description: Security policies are propagated with warning. 0x5 : Access is denied.Please look for more details in Troubleshooting section in Security Help.
Event Type: Error Event Source: Userenv Event Category: None Event ID: 1000 Date: 1/4/2001 Time: 1:01:30 PM User: NT AUTHORITY\SYSTEM Computer: Server Description: The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (5).
If you enable Security Configuration Client logging (which produces the Winlogon.log file), the following error message is logged in Winlogon.log:
Configure NtFrs. Warning 5: Access is denied. Error opening NtFrs.
General Service configuration completed with error.
This issue occurs because of the locked-down security that was originally set on the FRS through Group Policy. When you attempt to configure the FRS through Group Policy, the policy engine no longer has the permission to set security on the FRS and does not attempt to take ownership of the FRS.
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows
To reset security on the FRS:
Navigate to the following policy in the Group Policy object (GPO) where security has been set on the FRS: