Event ID 1053 — Group Policy Preprocessing (Security)

Updated: September 21, 2007

Applies To: Windows Server 2008

red

Group Policy preprocessing uses security to act on behalf of the computer or user. Incorrect permissions or security failures can prevent Group Policy from applying to the computer or user.

Event Details

Product: Windows Operating System
ID: 1053
Source: Microsoft-Windows-GroupPolicy
Version: 6.0
Symbolic Name: gpEvent_FAILED_USERNAME
Message: The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one or more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Resolve

Determine user name

The Group Policy service logs the name of the domain controller and the error code. This information appears on the Details tab of the error message in Event Viewer. The error code (displayed as a decimal) and error description fields further identify the reason for the failure. Evaluate the error code with the list below:

  • Error code 5
  • Error code 14
  • Error code 525
  • Error code 1355
  • Error code 1727

Error code 5 (Access is denied)

  1. Change user password.
  2. Then lock/unlock workstation.
  3. Check if there are any system services running as the user account.
  4. Verify that the password in service configuration is correct for the user account.
  • This error code might indicate that the user's password expired while the user was still logged on the computer. If the user recently changed their password, the issue might disappear after allowing time for Active Directory replication to succeed. If the error does not go away within an hour, check Active Directory replication using Active Directory troubleshooting procedures (http://go.microsoft.com/fwlink/?LinkId=92707).

Error code 14 (Not enough storage is available to complete this operation)

This error code might indicate that Windows does not have enough memory to complete the task. Investigate the system event log for any other memory-specific issues.

Error code 525 (The specified user does not exist)

This error code might indicate incorrect permissions on the organizational unit. The user requires read access to the organizational unit that contains the user object. Similarly, computers require read access to the organizational unit that contains the computer object.

Error code 1355 (The specified domain either does not exist or could not be contacted)

This error code might indicate a fault or improper configuration with name resolution (DNS). Use nslookup to confirm you can resolve addresses of the domain controllers in the user domain. Use Networking troubleshooting procedures to further diagnose the problem (http://go.microsoft.com/fwlink/?LinkId=92706 ).

Error code 1727 (The remote procedure call failed and did not execute)

This error code might indicate that firewall rules are preventing communication with a domain controller. If you have third-party firewall software installed, check the configuration of the firewall or try temporarily disabling it and verifying that Group Policy processes successfully. Use Networking troubleshooting procedures or procedures from your third-party firewall software to further diagnose the problem (http://go.microsoft.com/fwlink/?LinkId=92706).

All others errors

Use Security troubleshooting procedures to further diagnose the problem (http://go.microsoft.com/fwlink/?LinkId=92709 ).

Verify

Group Policy applies during computer startup and user logon. Afterward, Group Policy applies every 90 to 120 minutes. Events appearing in the event log may not reflect the most current state of Group Policy. Therefore, you should always refresh Group Policy to determine if Group Policy is working correctly.

To refresh Group Policy on a specific computer:

  1. Open the Start menu. Click All Programs and then click Accessories.
  2. Click Command Prompt.
  3. In the command prompt window, type gpupdate and then press ENTER.
  4. When the gpupdate command completes, open the Event Viewer.

Group Policy is working correctly if the last Group Policy event to appear in the System event log has one of the following event IDs:

  • 1500
  • 1501
  • 1502
  • 1503

Related Management Information

Group Policy Preprocessing (Security)

Group Policy Infrastructure

Community Additions

ADD
Show: