I've seen 2 cases for those 1202 events so far (see below)
Lately I had lot of NullDACL issues
(Case 2) specifically on VM servers connected to SAN.
It's usually this folder
\\server\C$\Documents and Settings\User\Local Settings\Application Data\VMware
and this file
\\server\C$\Documents and Settings\User\Local Settings\Application Data\VMware\hgfs.dat
Additionally it could be some file related to Symantec Antivirus.
It could also some file under \windows\system32\ that is being created by an OpenSSH freeware
So far I couldn't find the reason why it's happening but I think the reason could be that SAN VM servers using gets too busy sometimes (e.g. during backups)
Case 1
If your Windows 2000 Server posts the following events to the Application event log, every five minutes, your local Group Policy database file is corrupt:
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 6/7/2000
Time: 2:56:53 PM
User: WINDOWS NT AUTHORITY\SYSTEM
Computer: ASKO-ONE
Description: The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (1208).
Event Type: Warning
Event Source: SceCli
Event Category: None
Event ID: 1202
Date: 6/7/2000
Time: 2:56:53 PM
User: N/A
Computer: ASKO-ONE
Description: Security policies are propagated with warning. 0x4b8 : An extended error has occurred.
Please look for more details in TroubleShooting section in Security Help.
Event Type: Error
Event Source: ESENT
Event Category: Logging/Recovery
Event ID: 454
Date: 6/7/2000
Time: 2:56:53 PM
User: N/A
Computer: ASKO-ONE
Description: services (304) Database recovery/restore failed with unexpected error -530.
Event Type: Error
Event Source: ESENT
Event Category: Logging/Recovery
Event ID: 412
Date: 6/7/2000
Time: 2:56:53 PM
User: N/A
Computer: ASKO-ONE
Description: services (304) Unable to read the log header. Error -530.
To resolve the problem, and return the Local Security Policy to its' installation state:
01. Create an
OldSecurity subfolder at
%SystemRoot%\Security.
02. Move the log files and chk file from
%SystemRoot%\Security\logs to
%SystemRoot%\Security\OldSecurity.
03. Move the database from
%SystemRoot%\Security\Database\Secedit.sdb to
%SystemRoot%\Security\OldSecurity and change the file extension to .old.
04. Start / Run / MMC / OK.
05. Console / Add/Remove Snap-in.
06. Add the Security and Configuration Analysis snap-in. Press Close and OK.
07. Right-click Security and Configuration Analysis and press Open Database.
08. Navigate to the
%SystemRoot%\Security\Database folder, type
Secedit.sdb into File name, and press Open.
09. When prompted to import a template, select Setup security.inf.
10. Press Open. Ignore any Access Denied error.
11. Right-click Security and Configuration Analysis and press Configure Computer Now.
Case 2
http://edwinfriesen.nl/content/?p=238