Group Policy problems generate Event ID: 1000 error messages in the event log. The following message is a typical:
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: date
Time: time
User: NT AUTHORITY\SYSTEM
Computer: computer name
Description: The Group Policy client-side extension Security was
passed flags (17) and returned a failure status code of (1332).
#define GPO_INFO_FLAG_MACHINE 0x00000001 //
Apply machine policy rather than user policy
#define GPO_INFO_FLAG_BACKGROUND 0x00000010 //
Background refresh of policy (ok to do slow stuff)
#define GPO_INFO_FLAG_SLOWLINK 0x00000020 //
Policy is being applied across a slow link
#define GPO_INFO_FLAG_VERBOSE 0x00000040 //
Verbose output to the eventlog
#define GPO_INFO_FLAG_NOCHANGES 0x00000080 //
No changes were detected to the Group Policy Objects
#define GPO_INFO_FLAG_LINKTRANSITION 0x00000100 //
A change in link speed was detected between previous policy application and current policy application
#define GPO_INFO_FLAG_LOGRSOP_TRANSITION 0x00000200 //
A Change in Rsop Logging was detected between previous policy application and current policy application, (new intf only)
#define GPO_INFO_FLAG_FORCED_REFRESH 0x00000400 //
Forced Refresh is being applied. redo policies.
#define GPO_INFO_FLAG_SAFEMODE_BOOT 0x00000800 //
windows safe mode boot flag
Related tips:
- Every five minutes the following event error messages are added to the Application log …
- Event ID 1000,1001 Is Logged Every 5 Minutes in the Application Event Log
- Event ID 101 and Event ID 1000 Messages May Be Displayed When Folder Redirection Is Set Up with Group Policy
- Error Messages Every 5 Minutes Report Events 1000, 1001, and 13508, Citing Replication Trouble
- Event ID1000 and Event ID 1202 Messages Are Reported When You Set Security on the File Replication Service by Using Group Policy
- Event IDs 1000, 1202, 412 and 454 Are Logged Repeatedly in the Application Event Log
- SceCli Event ID 1001 and UserEnv Event ID 1000 When Dfs Client Is Disabled
- Event ID 1000 and 1202 After Configuring Policies
- Event ID: 1000 Due to Trailing Blank Space in User Profile Path
- DNS, Intersite Messaging, Global Catalog, NTFRS, and “Invalid Credentials” Error Messages on Domain Controller