aacableMemberAug 17, 2018 at 3:16 am #167657
We have 2 Domain controller ,
- dc01 – Windows 2008 R2
- dc02 – Windows 2012 R2
in Event Viewer I am receiving lots of 1202 errors
Event 2012 SECLI Security policies were propagated with warning. 0x534 : No mapping between account names and security IDs was done.
When I run find command on domain controller,
FIND /I “Cannot find” %SYSTEMROOT%SecurityLogswinlogon.log
I get following result
Cannot find [email protected]. Cannot find admin. Cannot find dbServiceOQS. Cannot find daaadm. Cannot find Local Administrators. Cannot find opradm. Cannot find Oqsadm. Cannot find dbServiceDAA. Cannot find dbServiceODV. Cannot find dbServiceOPR. Cannot find XXXdbdevdbServiceDAA. Cannot find XXXdbdevdbServiceODV. Cannot find semwebsrv. Cannot find semsrv. Cannot find semapisrv. Cannot find dbServiceR3Q. Cannot find dbServiceR3D. Cannot find S-1-5-80-948765316-811284391-187558744-2005173589-387111393. Cannot find S-1-5-80-3958276243-2739099675-334681800-2039304502-2384811254. Cannot find S-1-5-80-3784820641-2391269600-1434288029-1177689286-1786581930. Cannot find S-1-5-80-1625573271-3360770164-1808504902-59951099-39959922. Cannot find [email protected].
all of above accounts , some exists in DOMAIN, and some are local application servers specific accounts which are responsible to start stop various services like in SAP servers or perform other tasks in local application system.
When I run RSoP.msc on domain or client , I get this
how can I settle this? If I remove these accounts then many services on various application servers will not work as they require rights in order to perform.
Can I ignore these messages?
You must be logged in to reply to this topic.