dc01 - Windows 2008 R2
dc02 - Windows 2012 R2 > added recently

In Event Viewer on both DCs, I am receiving lots of 1202 errors

Event 2012 SECLI
Security policies were propagated with warning. 0x534 : No mapping between account names and security IDs was done.

When I run the find command on the domain controller,

C:\Users\XXXXX>FIND /I "Cannot find" %SYSTEMROOT%\Security\Logs\winlogon.log

---------- C:\WINDOWS\SECURITY\LOGS\WINLOGON.LOG
Cannot find admin.
Cannot find SAPServiceOQS.
Cannot find SAPServiceOPR.
Cannot find SAPServiceODV.
Cannot find SAPServiceDAA.
Cannot find Oqsadm.
Cannot find opradm.
Cannot find Local Administrators.
Cannot find daaadm.
Cannot find XXXsapdev\SAPServiceDAA.
Cannot find XXXsapdev\SAPServiceODV.
Cannot find administrator vsphere.local.
Cannot find SAPServiceR3D.
Cannot find SAPServiceR3Q.
Cannot find semapisrv.
Cannot find semwebsrv.

All of the above accounts are not part of the DOMAIN; they are created on different application servers like SAP, SQL, etc. Some are local, application-server-specific accounts which are responsible for starting and stopping various services, as on SAP servers, or for performing other tasks on the local application system.

When I run RSoP.msc on the domain controller or a client, I get this


How can I settle this? If I remove these accounts then many services on various application servers will not work as they require rights in order to perform.

Can I ignore these messages?


You can absolutely ignore these warnings.

The policy is set, but the user accounts are only recognized on the systems that actually have those user accounts. All other systems will generate warnings.

To resolve this issue, you should target your policies to the specific machines that need them using OUs, WMI filtering, or security permissions on the GPO.
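
Added example, not part of the question or the answer above: before moving settings into a targeted GPO, it helps to know which settings reference the unresolvable names. This PowerShell sketch matches the "Cannot find" names from winlogon.log against the [Privilege Rights] and [Group Membership] sections of a GPO's GptTmpl.inf. The log text, the template text and both function names are constructed for illustration; on a real system the template is read from the GPO's Machine\Microsoft\Windows NT\SecEdit folder in SYSVOL.

```powershell
# Constructed sample: "Cannot find" lines as FIND prints them from winlogon.log.
$winlogon = @'
Cannot find SAPServiceOQS.
Cannot find Oqsadm.
Cannot find XXXsapdev\SAPServiceDAA.
'@

# Constructed sample of one GPO's GptTmpl.inf. Entries starting with * are SIDs;
# anything else is an account name that every machine applying the GPO must resolve.
$gptTmpl = @'
[Privilege Rights]
SeServiceLogonRight = *S-1-5-20,SAPServiceOQS,XXXsapdev\SAPServiceDAA
SeBackupPrivilege = *S-1-5-32-544
[Group Membership]
*S-1-5-32-544__Members = *S-1-5-21-1-2-3-512,Oqsadm
[Version]
signature="$CHICAGO$"
'@

# Hypothetical helper: account names the log reports as unresolvable.
function Get-UnresolvedName {
    param([string]$LogText)
    [regex]::Matches($LogText, '(?im)^\s*Cannot find (.+?)\.\s*$') |
        ForEach-Object { $_.Groups[1].Value.Trim() } | Sort-Object -Unique
}

# Hypothetical helper: settings in the template that reference those names.
function Find-SettingWithUnresolvedName {
    param([string]$InfText, [string[]]$Names)
    $section = ''
    foreach ($line in ($InfText -split '\r?\n')) {
        if ($line -match '^\s*\[(.+)\]\s*$') { $section = $Matches[1]; continue }
        if (('Privilege Rights', 'Group Membership') -notcontains $section) { continue }
        if ($line -match '^\s*([^=]+?)\s*=\s*(.*)$') {
            $setting = $Matches[1]
            foreach ($member in ($Matches[2] -split ',' | ForEach-Object { $_.Trim() })) {
                # Skip SIDs; report only plain names that the log could not resolve.
                if ($member -and -not $member.StartsWith('*') -and $Names -contains $member) {
                    New-Object PSObject -Property @{ Section = $section; Setting = $setting; Account = $member }
                }
            }
        }
    }
}

$names = Get-UnresolvedName -LogText $winlogon
Find-SettingWithUnresolvedName -InfText $gptTmpl -Names $names |
    Format-Table Section, Setting, Account -AutoSize
```

Each row it prints is a setting that only resolves on machines holding that local account, which makes it a candidate for a GPO scoped to those machines.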


