l

Recently, I came across an issue with MMC Snap-in error specifically while navigating to the Security options (wsecedit.dll) in either RSOP.msc or GPedit.msc. Further checking on other servers, noticed that the problematic server has the September patch installed KB4577015 and the working server had the August patch KB4571694.

Opened the RSOP.msc or GPedit.msc and navigate to Computer Configuration > Windows Setting > Security Settings > Local Policy > Security Options and the below error message appears,

Further researching, found that Microsoft has confirmed that it’s a known issue and below are the workarounds available.

Workaround 1:

Launch the MMC in one of Windows server where the specific patch is not installed and generate the RSoP data for the affected server

MMC -> Resultant Set of Policy -> More Actions -> Generate RSoP Data and select the option “Another Computer”

Workaround 2:

You can also install Remote Administrative tools using Server Manager on a device which is not running this patch. This will allow you to run Group Policy Management Console and edit GPOs on the affected server

Workaround 3:

The crash can be avoided by deleting the following registry key. Deleting the key will cause the “Interactive logon: Display user information when the session is locked” policy to not appear in the console. (The policy is still effective, but you can’t see it in the UI to edit it).

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SecEdit\Reg values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLockedUserId

Please Note: Export the registry key before deleting and import it when the actual fix has been released

References:

https://docs.microsoft.com/en-us/windows/release-information/status-windows-10-1607-and-windows-server-2016#1482msgdesc

https://docs.microsoft.com/en-us/answers/questions/92345/gpmc-error-for-34security-options34-after-updates.html

Happy learning!! šŸ™‚

By Ashok M

Microsoft Certified Professional with key technical skills including Microsoft Exchange, Windows Server, Microsoft Azure, Office 365, Intune, EMS, Skype for Business, Active Directory, ADFS and has got more exposure to Hyper V, System Center Configuration Manager, Virtualization, Video conferencing room systems, SQL. Have experience in design, implementation, migration & support for various Microsoft infrastructure products. Currently working as "Implementation Engineer" with the UAE's first tier IV Data Center design certification in the region.

Leave a Reply

Your email address will not be published. Required fields are marked *