Event ID 1000 every 5 minutes !!

  • Thread starter Thread starter Hans Klinger
  • Start date Start date
H

Hans Klinger

Every 5 minutes this error shows on all DC's in all sites:

The Group Policy client-side extension IP Security was passed flags (17) and
returned a failure status code of (8219)



I can't find any fix for this, I've searched the google and Microsoft over
and over with no luck, can anyone please help me with this.



One of the domain controller's had an inconsisstent local security policy,
but this should have been fixed with esentutl /p and still the error shows,
I've waited for the replication wich by the way works okay as far as I can
see in the Replication Monitor.



Any help would be very apprichiated.



Kind Regards,

Hans
 
Hans Klinger said:
Every 5 minutes this error shows on all DC's in all sites:

The Group Policy client-side extension IP Security was passed flags (17) and
returned a failure status code of (8219)



I can't find any fix for this, I've searched the google and Microsoft over
and over with no luck, can anyone please help me with this.



One of the domain controller's had an inconsisstent local security policy,
but this should have been fixed with esentutl /p and still the error shows,
I've waited for the replication wich by the way works okay as far as I can
see in the Replication Monitor.



Any help would be very apprichiated.



Kind Regards,

Hans
Click to expand...

A Google Usenet search returned the following posts:


***

This probably comes from assigning but not configuring an IPSEC policy
Check to see if this is the case.

If policies were assigned but then deleted you can probably assign an IPsec
item on the Default Domain Controllers policy and then close the policy.
Then re-open the policy and unassign the IPSEC policy.
Use Secedit to refresh the machine policy.

Tom Ausburne (MSFT)
Windows 2000 Directory Services

***

Yep. Seen many times. And, you are probably seeing this message about
every 5 minutes, along with one or two other errors, right?

Typically is due to a user that was created for an application (or by the
appilcation) that has since been deleted. But, the Sec Pol still has the
user listed, but a mapping to the SID cannot be done. Go to the DC Sec Pol
and look through the User Rights and find any users that don't exist.
Remove them. If they are not there, check at Domain Sec Policy.

One way of the other, it's an inability to map a username to a SID and the
security policy fails to apply.
--
Rick Kingslan MCSE+I, MCT
Associate Expert

***

http://support.microsoft.com/support/kb/articles/Q279/4/32.ASP

***
 
Back
Top