Ater configuring the
Startup mode and security settings on the File Replication service (
NtFrs) via Group Policy,
your Application event log contains:
Event Type: Warning Event Source: SceCli Event Category: None Event ID: 1202 Date: 1/4/2001 Time: 1:01:30 PM User: N/A Computer: Server Description: Security policies are propagated with warning. 0x5 : Access is denied. Please look for more details in Troubleshooting section in Security Help. Event Type: Error Event Source: Userenv Event Category: None Event ID: 1000 Date: 1/4/2001 Time: 1:01:30 PM User: NT AUTHORITY\SYSTEM Computer: Server Description: The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (5).If you turned on Security Configuration Client logging, the %SystemRoot%\Security\logs\Winlogon.log contains:
Configure NtFrs. Warning 5: Access is denied. Error opening NtFrs. General Service configuration completed with error.The policy engine no longer has the permissions it requires to set security. to fix the problem:
1. Use Group Policy to navigate to Computer Configuration\Windows Settings\Security Settings\System Services.
2. Right-click File Replication Service and press Security.
3. Grant the System and Administrators groups Full Control.
4. Force replication with SECEDIT /REFRESHPOLICY MACHINE_POLICY /ENFORCE.
5. Use Regedt32 to navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTFRS.
6. Delete the Security sub-key.
7. Restart the computer.
8. To verify that the fix has worked, look for consecutive Event ID 1704 messages in the Application event log.
NOTE: This problem is NOT unique to NtFrs and can happen to other services you configure.