I don’t want to get into the habit of logging every single error and snag I find in the event viewer, but part of my work is closely tided to Group Policy and deployment, therefore thought this would be useful in the further.
I was getting this error listed in the event viewer:
Error: Security policies were propagated with warning. 0x534 : No mapping between account names and security IDs was done.
Event ID: 1202
[singlepic id=76 w=460 h=380 float=]
Very help of Microsoft as the event actually lists the fix if you scroll further down. Here is the short summary steps:
1) Identify accounts that could not be resolved to a SID:
start -> run -> cmd -> FIND /I "Cannot find" %SYSTEMROOT%\Security\Logs\winlogon.log (This will show “Cannot find” identifying the problem account names.)
[singlepic id=77 w=460 h=380 float=]
2) Identify the specific User Rights, Restricted Groups, and Source GPOs that contain the problem accounts:
start -> run -> RSoP.msc (Review the results settings marked with a red X)
[singlepic id=79 w=460 h=380 float=]
3) Remove unresolved accounts from the specific Group Policy that is affected.
Start -> Administration Tools -> Group Policy (Locate problem GPO, Update and remove affected settings)
[singlepic id=78 w=460 h=380 float=]