When running IIS, SQL Server, or SharePoint on a Windows Server 2008 R2 domain controller, you may encounter this error:
Event ID: 1202
Security Policies were propagated with warning. 0×534 : No mapping between account names and security IDs was done.
I ran into this error when building a virtual machine to run a self contained SharePoint environment, which required that the VM also be a domain controller. This event will show up repeatedly every few minutes in the application event log. The error occurs because the domain controller doesn’t have a concept of “local” accounts and doesn’t know how to resolve some account names that are added by IIS and SQL Server to the domain controller security policy. Microsoft has released a hotfix 977695 to resolve the issue. Continue reading