Restricted Groups not being applied to xp sp2 computers

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

We are in the process of implanting xp sp2 computers to the company. In the
process of testing the xp sp2 box's in production eneverment and are running
across a problem with the restricted groups not applying. We are using
altiris with sisprep to image the systems. Here is the information we have
gathered.

Copyright (C) Microsoft Corporation. All Rights Reserved.

Initiating INTEGRITY mode...
Database: secedit.sdb
Temp. Database: TEMPINTEG3004.EDB

Checking database integrity.

The database is not up-to-date. This operation may find that
this database is corrupt because data from the log files has
yet to be placed in the database.

To ensure the database is up-to-date please use the 'Recovery' operation.


Scanning Status (% complete)

0 10 20 30 40 50 60 70 80 90 100
|----|----|----|----|----|----|----|----|----|----|
...................................................


Integrity check successful.

Operation completed successfully in 0.401 seconds.


C:\WINDOWS\security\Database>esentutl /r secedit.sdb

Microsoft(R) Windows(TM) Database Utilities
Version 5.1
Copyright (C) Microsoft Corporation. All Rights Reserved.

Initiating RECOVERY mode...


*************************

Make a local copy of
\\wins.lcra.org\SysVol\wins.lcra.org\Policies\{2C43F551-92A1-451D-8276-38B81ACEC517}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )

Make a local copy of
\\wins.lcra.org\sysvol\wins.lcra.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
GPLinkDomain GPO_INFO_FLAG_BACKGROUND )

Process GP template gpt00000.inf.

This is not the last GPO.
-------------------------------------------
Tuesday, May 31, 2005 3:30:41 PM
Error 1208: An extended error has occurred.
Error creating database.
----Configuration engine was initialized with one or more errors.----


----Un-initialize configuration engine...
**************************

Make a local copy of
\\wins.lcra.org\SysVol\wins.lcra.org\Policies\{2C43F551-92A1-451D-8276-38B81ACEC517}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )

Make a local copy of
\\wins.lcra.org\sysvol\wins.lcra.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
GPLinkDomain GPO_INFO_FLAG_BACKGROUND )

Process GP template gpt00000.inf.

This is not the last GPO.
-------------------------------------------
Tuesday, May 31, 2005 3:30:46 PM
Error 1208: An extended error has occurred.
Error creating database.
----Configuration engine was initialized with one or more errors.----


----Un-initialize configuration engine...
**************************

Make a local copy of
\\wins.lcra.org\SysVol\wins.lcra.org\Policies\{2C43F551-92A1-451D-8276-38B81ACEC517}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
GPLinkOrganizationUnit

Make a local copy of
\\wins.lcra.org\sysvol\wins.lcra.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
GPLinkDomain

Process GP template gpt00000.inf.

This is not the last GPO.
-------------------------------------------
Tuesday, May 31, 2005 3:31:42 PM
Error 1208: An extended error has occurred.
Error creating database.
----Configuration engine was initialized with one or more errors.----


----Un-initialize configuration engine...
**************************

Make a local copy of
\\wins.lcra.org\SysVol\wins.lcra.org\Policies\{2C43F551-92A1-451D-8276-38B81ACEC517}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )

Make a local copy of
\\wins.lcra.org\sysvol\wins.lcra.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
GPLinkDomain GPO_INFO_FLAG_BACKGROUND )

Process GP template gpt00000.inf.

This is not the last GPO.
-------------------------------------------
Tuesday, May 31, 2005 3:31:46 PM
Error 1208: An extended error has occurred.
Error creating database.
----Configuration engine was initialized with one or more errors.----


----Un-initialize configuration engine...


For some reason the restricted groups do apply to the w2k computers and not
to the xp computes. If anyone has any idea why this is happening it would be
much appriated.

Thanks,

Jonathan Brown
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Q: "We are in the process of implanting xp sp2 computers to the company."

A: Interesting concept...what technique are you going to use?

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

Get Windows XP Service Pack 2 with Advanced Security Technologies:
http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

-------------------------------------------------------------------------------------------

"Jonathan Brown" wrote:

| We are in the process of implanting xp sp2 computers to the company. In the
| process of testing the xp sp2 box's in production eneverment and are running
| across a problem with the restricted groups not applying. We are using
| altiris with sisprep to image the systems. Here is the information we have
| gathered.
|
| Copyright (C) Microsoft Corporation. All Rights Reserved.
|
| Initiating INTEGRITY mode...
| Database: secedit.sdb
| Temp. Database: TEMPINTEG3004.EDB
|
| Checking database integrity.
|
| The database is not up-to-date. This operation may find that
| this database is corrupt because data from the log files has
| yet to be placed in the database.
|
| To ensure the database is up-to-date please use the 'Recovery' operation.
|
|
| Scanning Status (% complete)
|
| 0 10 20 30 40 50 60 70 80 90 100
| |----|----|----|----|----|----|----|----|----|----|
| ...................................................
|
|
| Integrity check successful.
|
| Operation completed successfully in 0.401 seconds.
|
|
| C:\WINDOWS\security\Database>esentutl /r secedit.sdb
|
| Microsoft(R) Windows(TM) Database Utilities
| Version 5.1
| Copyright (C) Microsoft Corporation. All Rights Reserved.
|
| Initiating RECOVERY mode...
|
|
| *************************
|
| Make a local copy of
| \\wins.lcra.org\SysVol\wins.lcra.org\Policies\{2C43F551-92A1-451D-8276-38B81ACEC517}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
| GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
|
| Make a local copy of
| \\wins.lcra.org\sysvol\wins.lcra.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
| GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
|
| Process GP template gpt00000.inf.
|
| This is not the last GPO.
| -------------------------------------------
| Tuesday, May 31, 2005 3:30:41 PM
| Error 1208: An extended error has occurred.
| Error creating database.
| ----Configuration engine was initialized with one or more errors.----
|
|
| ----Un-initialize configuration engine...
| **************************
|
| Make a local copy of
| \\wins.lcra.org\SysVol\wins.lcra.org\Policies\{2C43F551-92A1-451D-8276-38B81ACEC517}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
| GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
|
| Make a local copy of
| \\wins.lcra.org\sysvol\wins.lcra.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
| GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
|
| Process GP template gpt00000.inf.
|
| This is not the last GPO.
| -------------------------------------------
| Tuesday, May 31, 2005 3:30:46 PM
| Error 1208: An extended error has occurred.
| Error creating database.
| ----Configuration engine was initialized with one or more errors.----
|
|
| ----Un-initialize configuration engine...
| **************************
|
| Make a local copy of
| \\wins.lcra.org\SysVol\wins.lcra.org\Policies\{2C43F551-92A1-451D-8276-38B81ACEC517}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
| GPLinkOrganizationUnit
|
| Make a local copy of
| \\wins.lcra.org\sysvol\wins.lcra.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
| GPLinkDomain
|
| Process GP template gpt00000.inf.
|
| This is not the last GPO.
| -------------------------------------------
| Tuesday, May 31, 2005 3:31:42 PM
| Error 1208: An extended error has occurred.
| Error creating database.
| ----Configuration engine was initialized with one or more errors.----
|
|
| ----Un-initialize configuration engine...
| **************************
|
| Make a local copy of
| \\wins.lcra.org\SysVol\wins.lcra.org\Policies\{2C43F551-92A1-451D-8276-38B81ACEC517}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
| GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
|
| Make a local copy of
| \\wins.lcra.org\sysvol\wins.lcra.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
| GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
|
| Process GP template gpt00000.inf.
|
| This is not the last GPO.
| -------------------------------------------
| Tuesday, May 31, 2005 3:31:46 PM
| Error 1208: An extended error has occurred.
| Error creating database.
| ----Configuration engine was initialized with one or more errors.----
|
|
| ----Un-initialize configuration engine...
|
|
| For some reason the restricted groups do apply to the w2k computers and not
| to the xp computes. If anyone has any idea why this is happening it would be
| much appriated.
|
| Thanks,
|
| Jonathan Brown
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom