- Status Code 1307 - See ME291087
- Extension: Security, flags 1, status code: 1208 = "An extended error has occurred." - See ME827012
- Extension: Security, flags 17, status code: 1208 - See ME835744
- Extension: Security, flags 17, status code: 1332 - See ME329816
- Extension: Security, flags 17, status code: 3 - See ME888824
- Extension: EFS recovery, flags 17, status code: 1804 - See ME830062
- Extension: Folder Redirection, flags 0, status code: 1338 - See ME888205
- Extension: Security, flags 17, status code: 5 - See ME319352
- Extension: Security, flags 145, status code: 5 - See ME310741
- Extension: Microsoft Disk Quota, Flags 1, Status code: -2147024894 - From a newsgroup post: "The event is being caused by a bug that incorrectly reported a problem with Disk Quotas. The event can be eliminated from occurring by setting the "Enable Disk Quotas" policy to "Disabled." To eliminate the error completely remove the Group policy extension for Disk Quotas from the "gPcMachineExtansionNames" attribute for the Default Domain Controllers policy".
From a newsgroup post: "Here some tips to debug this type of problems:
1. Enable diagnostic logging to the event log.
Enabling diagnostic logging for Group Policy causes Group Policy to generate detailed events in the event log. These detailed events can help assist in diagnosing problems associated with Group Policy processing by backtracking the events and providing additional information about them.
To enable diagnostic logging, log on as the local administrator. Click Start -> Run, type regedit, and then click OK. Open the HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion key. On the Edit menu, point to New, click Key, type Diagnostics, and then press Enter. With the Diagnostics key selected, on the Edit menu, point to New, click DWORD Value, type RunDiagnosticLoggingGlobal and then press Enter. Double-click RunDiagnosticLoggingGlobal, type 1 and then click OK. Events generated by Group Policy are recorded in the Application log.
Note: Enabling diagnostic logging for Group Policy generates a large number of events during computer startup and when a user logs on. You should increase the size of the Application log prior to enabling diagnostic logging so that the Application log does not fill up. Also, enable diagnostic logging only when troubleshooting Group Policy and disable it when you are finished.
2. Enable verbose logging.
Verbose logging tracks all changes and settings applied to the local computer and to users who log on to the computer by Group Policy. The log file is located in the %systemroot%\Debug\UserMode folder and is named Userenv.log. Enabling verbose logging involves adding the registry key for verbose logging.
To enable verbose logging, add a DWORD value named UserEnvDebugLevel with a value of 30002 to the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon key in the registry.
Note: A value of 30002 enables verbose logging, 30001 enables logging of errors and warnings only, and 30000 logs nothing.
To disable verbose logging, delete the UserenvDebugLevel value from the registry.
3. Windows 2000 Resource Kit Tools for Group Policy Troubleshooting.
You can resolve Group Policy issues by using the following tools that are included in the Windows 2000 Resource Kit:
- Gpotool.exe. This command-line tool allows you to check the health of the Group Policy objects on domain controllers.
- Gpresult.exe. This command-line tool displays information about the result Group Policy has had on the current computer and logged-on user.
Note: For details and usage of these tools, refer to the Windows 2000 Resource Kit".
to find out how to interpret Userenv 1000 events.