eG Monitoring
 

Measures reported by GrpAppHealthTest

The application event log may capture several different issues that make up a category of warnings collectively called “1202 events”, i.e., events with the event ID 1202. Events of this category are typically related to group policy propagation. The common error codes under this category are as follows:

  • Error code 0x5 – Access is denied: This issue occurs because of the locked-down security that was originally set on the FRS through Group Policy. When you attempt to configure the FRS through Group Policy, the policy engine no longer has the permission to set security on the FRS and does not attempt to take ownership of the FRS.

  • Error code 0xd – The data is invalid: This behavior occurs because three system environment variables (%SYSVOL%, %DSDIT%, and %DSLOG%) are referenced in the Basicdc.inf file, but exist only during the Dcpromo process. These error messages are generated each time the Default Domain Controllers policy is applied.

  • Error code 0x3e5 – Overlapped I/O operation is in progress: This problem can occur if a third-party, real-time backup product interferes with Active Directory operations.

  • Error code 0x534 – No mapping between account names and security IDs was done: This occurs when a program that creates user accounts and assigns rights to those accounts is installed and later removed; the user accounts are deleted, but the rights assigned to them in policy remain. It also occurs when a user account is added and assigned rights, and the account is later deleted but not removed from security policies. The “0x534” code is the hex for “1332”.

  • Error code 0x4b8 – An extended error occurred: A conflict in Group Policy can cause these events to occur. These error messages can occur if the “Rename Administrator Account” security policy is enabled and then set to an account name that is already in use.

Using this test, you can be instantly alerted if any of the aforesaid errors, which are categorized as ‘1202 events’, is captured by the application event log. Detailed diagnostics provided by the test will enable you to troubleshoot these errors. This way, issues in group policy application/propagation can be quickly captured and efficiently resolved.

Output of the test: One set of results for every Active Directory site that is being monitored

The measures made by this test are as follows:

| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
| Status | Indicates whether or not events with ID 1202 occurred. | | This measure reports the value Bad if the application log captures a 1202 event. On the other hand, the value Good is reported if no 1202 error event is captured by the application log. |

The numeric values that correspond to these measure values are as follows:

| Measure Value | Numeric Value |
|---|---|
| Bad | 0 |
| Good | 1 |

Note:

By default, the test reports the Measure Values listed in the table above to indicate the status of group policy application. In the graph of this measure, however, the status is indicated using only the numeric equivalents.

The detailed diagnosis of this measure reports the complete details of the 1202 error events (if any) captured by the application log.
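The following added example, which is not eG's own code, sketches how the error codes and the Status measure described above fit together when reviewing exported application log records. The record shape `(event_id, message)`, the sample message wording and the function names `extract_code` and `evaluate` are assumptions made for illustration.

```python
import re
from collections import Counter

# Error codes this page lists for 1202 events, keyed by integer value.
KNOWN_CODES = {
    0x5: "Access is denied",
    0xD: "The data is invalid",
    0x3E5: "Overlapped I/O operation is in progress",
    0x534: "No mapping between account names and security IDs was done",
    0x4B8: "An extended error occurred",
}

# Constructed sample records (event_id, message); wording is illustrative only.
SAMPLE_EVENTS = [
    (1202, "Security policies were propagated with warning. 0x534 : No mapping "
           "between account names and security IDs was done."),
    (1202, "Security policies were propagated with warning. Error 1332: No mapping."),
    (1202, "Security policies were propagated with warning. 0x4b8 : An extended "
           "error has occurred."),
    (1704, "Security policy in the Group policy objects has been applied."),
    (1202, "Security policies were propagated with warning."),  # no code present
]

# Accept the hex form (0x534) or its decimal equivalent (1332).
CODE_RE = re.compile(r"\b0x([0-9a-f]+)\b|\berror(?: code)? (\d+)\b", re.IGNORECASE)

def extract_code(message):
    """Return the error code as an int, or None if the message carries none."""
    m = CODE_RE.search(message)
    if m is None:
        return None
    return int(m.group(1), 16) if m.group(1) else int(m.group(2))

def evaluate(events):
    """Hypothetical re-creation of the Status measure plus a per-code diagnosis."""
    diagnosis, by_code = [], Counter()
    for event_id, message in events:
        if event_id != 1202:        # only 1202 events affect the measure
            continue
        code = extract_code(message)
        by_code[code] += 1
        diagnosis.append((code, KNOWN_CODES.get(code, "not listed on this page"), message))
    bad = bool(diagnosis)
    return {"status": "Bad" if bad else "Good", "numeric": 0 if bad else 1,
            "by_code": dict(by_code), "diagnosis": diagnosis}

if __name__ == "__main__":
    print(evaluate(SAMPLE_EVENTS))
```

Grouping by code shows at a glance whether repeated 1202 events share one cause, such as rights left behind for deleted accounts (0x534, also seen as 1332), or stem from several unrelated policy problems.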