Ater configuring the
Startup mode and security settings on the File Replication service (
NtFrs) via Group Policy,
your Application event log contains:
Event Type: Warning
Event Source: SceCli
Event Category: None
Event ID: 1202
Date: 1/4/2001
Time: 1:01:30 PM
User: N/A
Computer: Server
Description: Security policies are propagated with warning. 0x5 : Access is denied.
Please look for more details in Troubleshooting section in Security Help.
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 1/4/2001
Time: 1:01:30 PM
User: NT AUTHORITY\SYSTEM
Computer: Server
Description: The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (5).
If you turned on
Security Configuration Client logging,
the
%SystemRoot%\Security\logs\Winlogon.log contains:
Configure NtFrs. Warning 5: Access is denied. Error opening NtFrs. General Service configuration completed with error.The policy engine no longer has the permissions it requires to set security. to fix the problem:
1. Use Group Policy to navigate to Computer Configuration\Windows Settings\Security Settings\System Services.
2. Right-click File Replication Service and press Security.
3. Grant the System and Administrators groups Full Control.
4. Force replication with SECEDIT /REFRESHPOLICY MACHINE_POLICY /ENFORCE.
5. Use Regedt32 to navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTFRS.
6. Delete the Security sub-key.
7. Restart the computer.
8. To verify that the fix has worked, look for consecutive Event ID 1704 messages in the Application event log.
NOTE: This problem is NOT unique to NtFrs and can happen to other services you configure.
