How to fix 1202 SceCli Security policies were propagated with warning. 0x4b8

Anonymous
2024-10-29T08:15:44.7766667+00:00

Hello,

I get error 1202 SceCli Security policies were propagated with warning. 0x4b8 : An extended error has occurred once in a day. what is wrong with my AD security policies?

Here is winlogon.log text:

----Configure Group Membership...

Configure Administrators.
```Match          - PC1\Administrator.

Match          - Domain\_2.

Match          - Domain\t2.

Match          - *S-1-5-21-647484227-1344466760-2872218628-4156.

Match          - *S-1-5-21-647484227-1344466760-2872218628-4155.

Match          - SID: S-1-5-21-3104135742-2966983738-1400547469-500.

Match          - SID: S-1-5-21-647484227-1344466760-2872218628-2611.

Match          - SID: S-1-5-21-647484227-1344466760-2872218628-4165.

Match          - SID: S-1-5-21-647484227-1344466760-2872218628-4156.

Match          - SID: S-1-5-21-647484227-1344466760-2872218628-4155.

```ruby
Aliases cannot be members of other groups.

Configure Domain\A_O.

	object already member of Remote Desktop Users.

Configure Domain\_3.

	object already member of Remote Desktop Users.

Configure Domain\_2.

	object already member of Remote Desktop Users.

Configure Domain\_1.

	object already member of Remote Desktop Users.

Configure *s-1-5-21-647484227-1344466760-2872218628-1715.
```Error 1332: No mapping between account names and security IDs was done.

```ruby
No system mapping was found for *s-1-5-21-647484227-1344466760-2872218628-1715.

Configure Domain\_3.

	object already member of Remote Desktop Users.

Configure Domain\_2.

	object already member of Remote Desktop Users.

Configure Domain\_1.

	object already member of Remote Desktop Users.
```Error 12: The access code is invalid.

 

```yaml
Group Membership configuration was completed with one or more errors.
```Thanks for help

Windows for business | Windows Server | User experience | Other
Windows for business | Windows Client for IT Pros | User experience | Other
0 comments No comments
{count} votes

Accepted answer
  1. Anonymous
    2024-10-29T09:10:10.1633333+00:00

    Hello

    Thank you for posting in Q&A forum.

    The error "Error 1332: No mapping between account names and security IDs was done." means that the user with SID s-1-5-21-647484227-1344466760-2872218628-1715 is not existing in domain.

    The error below means the object is already in the Remote Desktop Users, you do not need to add them to Remote Desktop Users group.

    Configure Domain_3. object already member of Remote Desktop Users. Configure Domain_2. object already member of Remote Desktop Users. Configure Domain_1. object already member of Remote Desktop Users.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Anonymous
    2024-10-29T10:08:21.2233333+00:00

    Thank you very much,

    I removed orphaned SID´s with script and removed remote dektop groups that were twice or more in user memberships.

    Jarkko T

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.