2008 BPA for AD Group Policy 'Access to this computer' Error
When running the AD Best Practices on Server 2008, you may receive the following error:
> The AD DS BPA should be able to collect data about Group Policy Results setting “Access this computer from the network” from the domain controller
To find the GPO at fault, open up Group Policy Management Console, and back up your GPOs manually. Right-click the Group Policy Objects container, and choose Back Up All. As it is backing up, it will eventually give you an error on whichever GPO has the outdated SID:
GPO: Default Domain Controllers Policy…Succeeded, but note the following issues: > [Warning] The security principal [S-1-5-21-940797813-2055044403-441284377-1536] referenced in extension [Security] cannot be resolved, but the task will continue. Fix the referenced GPO, and re-run BPA.