After you import the Basicdc.inf file in to the Default Domain Controllers Group Policy object ( GPO), errors are generated each time the policy is applied.
Application log: Event Type: Error Event Source: Userenv Event Category: None Event ID: 1000 Date: 3/1/2000 Time: 6:16:43 PM User: NT AUTHORITY\SYSTEM Computer: COMPUTERNAME Description: The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (13). Event Type: Warning Event Source: SceCli Event Category: None Event ID: 1202 Date: 3/1/2000 Time: 6:16:43 PM User: N/A Computer: COMPUTERNAME Description: Security policies are propagated with warning. 0xd : The data is invalid. Please look for more details in TroubleShooting section in Security Help. Winlogon.log: Error 13: The data is invalid. Error convert %SYSVOL%\DOMAIN\POLICIES. Error 13: The data is invalid. Error converting section File Security. Userenv.log: ProcessGPOs: Extension Security ProcessGroupPolicy failed, status 0xd.Basicdc.inf references three environment variables (%SYSVOL%, %DSDIT%, and %DSLOG%), that are only defined during the Dcpromo process.
To fix the problem:
1. Open a CMD prompt on the domain controller and type net share sysvol. Record the path that is returned.
2. Right-click My Computer and press Properties.
3. Select the Advanced tab.
4. Press Environment Variables.
5. In the System variables section, press New.
6. Type SYSVOL in the Variable Name box.
7. In the Variable Value box, type the path from step 1, without the last \sysvol.
8. Repeat this process to create the DSDIT and DSLOG variables, whose values can be obtained at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters Database log files path REG_SZ C:\WINNT\NTDS (Set DSLOG to C:\WINNT\NTDS) DSA Working Directory REG_SZ C:\WINNT\NTDS (Set DSDIT to C:\WINNT\NTDS)9. At a CMD prompt, type secedit /refreshpolicy machine_policy /enforce