Discussion:
No Mapping between account names and security IDs was done - HELP
(too old to reply)
Ford Truck Dude
2006-01-09 20:36:13 UTC
Permalink
Howdy.

After reading 10+ pages on this error I see that mine is apparently
different enough to not offer me the solution. So here is the problem.

If you search for this it will constatintly talk about user id and or
groups that need to be deleted. The problem is that this error occurs
within the Domain section of the winlogon.log file. Thus the domain
itself generates this error:

Error 1332: No mapping between account names and security IDs was
done.

I can not run the tool secedit as the /refreshpolicy option does not
exist since I am 2003 Server.

Any thoughts???

Thanks.
Jorge de Almeida Pinto
2006-01-09 20:50:17 UTC
Permalink
check if a GPO contains a SID instead of a samaccountname. this means it
contains a reference to a security principal that has been deleted

secedit /refreshpolicy has been replaced by gpupdate /force in w2k3
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto #
BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx
-----------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
-----------------------------------------------------------------------------


-----------------------------------------------------------------------------
Post by Ford Truck Dude
Howdy.
After reading 10+ pages on this error I see that mine is apparently
different enough to not offer me the solution. So here is the problem.
If you search for this it will constatintly talk about user id and or
groups that need to be deleted. The problem is that this error occurs
within the Domain section of the winlogon.log file. Thus the domain
Error 1332: No mapping between account names and security IDs was
done.
I can not run the tool secedit as the /refreshpolicy option does not
exist since I am 2003 Server.
Any thoughts???
Thanks.
Ford Truck Dude
2006-01-09 20:53:51 UTC
Permalink
The only account in the GPO is administrator, local account.
Ford Truck Dude
2006-01-09 21:31:31 UTC
Permalink
FYI, for anyone that might like to know the resolution to this. You
need to run gpupdate /force to get the info. Then it tells you what is
wrong.

Loading...