Apply Security Policy

[Dave]

I have Win 2K Professional with SP4 installed on my laptop.

Every time the laptop boots, I get a message in the center of the
screen that says: Applying Security Policy

The bootup process just takes an extra 5 minutes. Everything else
works fine as far as I can tell.

I would like to know if this is really necessary. If it is not, would
someone be able to tell me how to stop the "Applying Security Policy"
from taking 5 minutes of boot time?

Dave

 

[Roger Abell [MVP]]

If you are in a domain then you need to speak with the admins of
that domain. It is possible the issue is in obtaining the policy data,
or possible that there are some foolish things being done in the
policies. The first could be due to use of incorrect DNS servers
in the config of the laptop, causing it to work through failover
paths before eventually locating the domain controllers.

 

[Dave]

The laptop is a stand alone laptop (4 years old). It has a network
card in it because the laptop manufacturer included it. I have never
connected the laptop to any network. The only connection it has to
the outside world is through a dialup to the internet, a USB 1GB
memory stick, and through the printer port. The laptop did not
exhibit the Applying Security Policy except recently. This might be
close to the time I started using the USB memory stick.

I am only so-so in my Win2000 skills. If the problem is in the laptop
setup, where would you suggest looking?

 

[Steven L Umbach]

You say it seems to be related to a time when you started using an USB
stick. If so does it still happen if you remove the USB stick before
startup? The other thing I would do is to look in the
application/system/security logs via Event Viewer to see if any pertinent
errors/warnings are recorded at the time of startup that may help
troubleshoot the problem. A corrupted secedit.sdb [that may show in the
application log] and malware could also be other causes. --- Steve

 

[Dave]

The security log has only one entry dated 10/16/2002. The system log
has 3000 events dating back to 2002. It appears that I got some bad
advice from the computer shop I bought the 1GB USB memory stick from.
The tech there told me I could simply insert or remove the stick
whenever I chose. This is apparently false. I have started inserting
it whenever I like, but running an app "Unplug or Eject Hardware" when
I want to remove it. The consequence seems to be a significant number
of errors showing up in the System log. A very popular error
description is "RSM can not manage library Physical Drive2.
Unspecified error encountered. ....." I know I messed up by
withdrawing the memory stick without running the app. Is there
anything that can be done to correct the continual errors at boot
time? I should add that the number of errors is about the same if I
boot with the stick inserted (never removed) or simply boot without
it.

The application log has a single entry every time I boot. The
description begins "Policy Change from LSA/SAM can't be saved in
policy storage. ......."

winlogon.log has an identical error every time I boot. It complains
that it can not find c:\winnt\security\database\secedit.sdb This is
true as the directory c:\winnt\security\database is missing. A search
of the hard drive shows no file secedit.sdb exists.

You say it seems to be related to a time when you started using an USB
stick. If so does it still happen if you remove the USB stick before
startup? The other thing I would do is to look in the
application/system/security logs via Event Viewer to see if any pertinent
errors/warnings are recorded at the time of startup that may help
troubleshoot the problem. A corrupted secedit.sdb [that may show in the
application log] and malware could also be other causes. --- Steve

The laptop is a stand alone laptop (4 years old). It has a network
card in it because the laptop manufacturer included it. I have never
connected the laptop to any network. The only connection it has to
the outside world is through a dialup to the internet, a USB 1GB
memory stick, and through the printer port. The laptop did not
exhibit the Applying Security Policy except recently. This might be
close to the time I started using the USB memory stick.

I am only so-so in my Win2000 skills. If the problem is in the laptop
setup, where would you suggest looking?

 

[Guest]

Dave,
I don't see Roger is on the right track at all.

I have had a similar problem in terms of "applying security policy" taking
up to 10 minutes, but only sometimes. I do not know what causes the
conditions that cause the slowdown.
At first, I removed the security logs, rebooted and the problem still occured.
I then removed the secedit.db file and rebuilt it and rebooted. That seemed
to create a better response time. However, when I checked the event logs. The
problem still remains troublesome.

I still get a whole raft of event id=20082 (The Remote Access Server could
not reset lana N (the error code is the data) and will not be active on it. )
I also get event id = 20192 (A certificate could not be found. Connections
that use the L2TP protocol over IPSec require the installation of a machine
certificate, also known as a computer certificate. No L2TP calls will be
accepted. )
I have a linksys router acting as a default gateway (192.168.1.1) but that
has been in place for over a year. The security policy slowdown just occurred
over the past month.
I suspect a connection to the windows defender installation which occurred
at about the same time.

In the application log, I see
Windows Defender Real-Time Protection checkpoint has encountered an error
and failed to start.
User: AMD1400\sostpm
Checkpoint Id: 7
Error Code: 0x80070005
Error description: Access is denied.

The security log has only one entry dated 10/16/2002. The system log
has 3000 events dating back to 2002. It appears that I got some bad
advice from the computer shop I bought the 1GB USB memory stick from.
The tech there told me I could simply insert or remove the stick
whenever I chose. This is apparently false. I have started inserting
it whenever I like, but running an app "Unplug or Eject Hardware" when
I want to remove it. The consequence seems to be a significant number
of errors showing up in the System log. A very popular error
description is "RSM can not manage library Physical Drive2.
Unspecified error encountered. ....." I know I messed up by
withdrawing the memory stick without running the app. Is there
anything that can be done to correct the continual errors at boot
time? I should add that the number of errors is about the same if I
boot with the stick inserted (never removed) or simply boot without
it.

The application log has a single entry every time I boot. The
description begins "Policy Change from LSA/SAM can't be saved in
policy storage. ......."

winlogon.log has an identical error every time I boot. It complains
that it can not find c:\winnt\security\database\secedit.sdb This is
true as the directory c:\winnt\security\database is missing. A search
of the hard drive shows no file secedit.sdb exists.

You say it seems to be related to a time when you started using an USB
stick. If so does it still happen if you remove the USB stick before
startup? The other thing I would do is to look in the
application/system/security logs via Event Viewer to see if any pertinent
errors/warnings are recorded at the time of startup that may help
troubleshoot the problem. A corrupted secedit.sdb [that may show in the
application log] and malware could also be other causes. --- Steve

The laptop is a stand alone laptop (4 years old). It has a network
card in it because the laptop manufacturer included it. I have never
connected the laptop to any network. The only connection it has to
the outside world is through a dialup to the internet, a USB 1GB
memory stick, and through the printer port. The laptop did not
exhibit the Applying Security Policy except recently. This might be
close to the time I started using the USB memory stick.

I am only so-so in my Win2000 skills. If the problem is in the laptop
setup, where would you suggest looking?


On Wed, 8 Mar 2006 22:20:50 -0700, "Roger Abell [MVP]"

If you are in a domain then you need to speak with the admins of
that domain. It is possible the issue is in obtaining the policy data,
or possible that there are some foolish things being done in the
policies. The first could be due to use of incorrect DNS servers
in the config of the laptop, causing it to work through failover
paths before eventually locating the domain controllers.


I have Win 2K Professional with SP4 installed on my laptop.

Every time the laptop boots, I get a message in the center of the
screen that says: Applying Security Policy

The bootup process just takes an extra 5 minutes. Everything else
works fine as far as I can tell.

I would like to know if this is really necessary. If it is not, would
someone be able to tell me how to stop the "Applying Security Policy"
from taking 5 minutes of boot time?

Dave

 

[Roger Abell [MVP]]

You are correct that my one post in this thread assumed a
domain environment. Dave's subsequent posts seems to
have pointed out his problem being corrupt or missing (is
he set to see all hidden system files) sdb.

The messages you have posted seem to indicate that you
have excess services running (RRAS, sort of hard to be
specific how the remote access services are named without
knowing your OS).

For the Windows Defender issue you should post to
those beta newsgroups as either someone there knows
the way out, or someone there would be interested.
See:
http://www.microsoft.com/athome/security/spyware/software/newsgroups/default.mspx

Dave,
I don't see Roger is on the right track at all.

I have had a similar problem in terms of "applying security policy" taking
up to 10 minutes, but only sometimes. I do not know what causes the
conditions that cause the slowdown.
At first, I removed the security logs, rebooted and the problem still
occured.
I then removed the secedit.db file and rebuilt it and rebooted. That
seemed
to create a better response time. However, when I checked the event logs.
The
problem still remains troublesome.

I still get a whole raft of event id=20082 (The Remote Access Server could
not reset lana N (the error code is the data) and will not be active on
it. )
I also get event id = 20192 (A certificate could not be found. Connections
that use the L2TP protocol over IPSec require the installation of a
machine
certificate, also known as a computer certificate. No L2TP calls will be
accepted. )
I have a linksys router acting as a default gateway (192.168.1.1) but that
has been in place for over a year. The security policy slowdown just
occurred
over the past month.
I suspect a connection to the windows defender installation which occurred
at about the same time.

In the application log, I see
Windows Defender Real-Time Protection checkpoint has encountered an error
and failed to start.
User: AMD1400\sostpm
Checkpoint Id: 7
Error Code: 0x80070005
Error description: Access is denied.

The security log has only one entry dated 10/16/2002. The system log
has 3000 events dating back to 2002. It appears that I got some bad
advice from the computer shop I bought the 1GB USB memory stick from.
The tech there told me I could simply insert or remove the stick
whenever I chose. This is apparently false. I have started inserting
it whenever I like, but running an app "Unplug or Eject Hardware" when
I want to remove it. The consequence seems to be a significant number
of errors showing up in the System log. A very popular error
description is "RSM can not manage library Physical Drive2.
Unspecified error encountered. ....." I know I messed up by
withdrawing the memory stick without running the app. Is there
anything that can be done to correct the continual errors at boot
time? I should add that the number of errors is about the same if I
boot with the stick inserted (never removed) or simply boot without
it.

The application log has a single entry every time I boot. The
description begins "Policy Change from LSA/SAM can't be saved in
policy storage. ......."

winlogon.log has an identical error every time I boot. It complains
that it can not find c:\winnt\security\database\secedit.sdb This is
true as the directory c:\winnt\security\database is missing. A search
of the hard drive shows no file secedit.sdb exists.

You say it seems to be related to a time when you started using an USB
stick. If so does it still happen if you remove the USB stick before
startup? The other thing I would do is to look in the
application/system/security logs via Event Viewer to see if any
pertinent
errors/warnings are recorded at the time of startup that may help
troubleshoot the problem. A corrupted secedit.sdb [that may show in the
application log] and malware could also be other causes. --- Steve


The laptop is a stand alone laptop (4 years old). It has a network
card in it because the laptop manufacturer included it. I have never
connected the laptop to any network. The only connection it has to
the outside world is through a dialup to the internet, a USB 1GB
memory stick, and through the printer port. The laptop did not
exhibit the Applying Security Policy except recently. This might be
close to the time I started using the USB memory stick.

I am only so-so in my Win2000 skills. If the problem is in the laptop
setup, where would you suggest looking?


On Wed, 8 Mar 2006 22:20:50 -0700, "Roger Abell [MVP]"

If you are in a domain then you need to speak with the admins of
that domain. It is possible the issue is in obtaining the policy
data,
or possible that there are some foolish things being done in the
policies. The first could be due to use of incorrect DNS servers
in the config of the laptop, causing it to work through failover
paths before eventually locating the domain controllers.


I have Win 2K Professional with SP4 installed on my laptop.

Every time the laptop boots, I get a message in the center of the
screen that says: Applying Security Policy

The bootup process just takes an extra 5 minutes. Everything else
works fine as far as I can tell.

I would like to know if this is really necessary. If it is not,
would
someone be able to tell me how to stop the "Applying Security
Policy"
from taking 5 minutes of boot time?

Dave