Question

Network and/or group policy problem

Asked by: mms_master

Hi,

We have just replaced 17 old PC's with brand new ones. For some reason about 6 (so far) of them randomly seem to only pick up some of their policies. Here's some of the things we've noticed:

1) Their home directories are not mapped
2) Additional mappings set via a logon script are not mapped
3) They are able to right click the desktop and shouldn't be
4) Their wallpaper doesn't get replaced with ours
5) Their Internet proxy settings are missing (so they are unable to use the internet)
6) Symantec Endpoint's icon shows that it is offline (i.e. cannot communicate with our Antivirus Server)

However, they are not able to browse the C drive; they are told that it's restricted... So something is being picked up...
We are also able to ping our domain controllers when this happens.

If we remove the computer from our domain and then add it again, it solves the problem. But only for a while.

We are running Windows Server 2003 on all of our servers and Windows XP Pro SP3 on all of our clients.

The event log from one of the computers has the following errors/warnings:

=================================================
Event: 1054

Windows cannot obtain the domain controller name for your computer network. (A socket operation was attempted to an unreachable host. ). Group Policy processing aborted.

Event: 4356

The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{6295DF2D-35EE-11D1-8707-00C04FD93327}.  CoGetObject returned HRESULT 8000401A.

Event: 15

Automatic certificate enrollment for local system failed to contact the active directory (0x8007003a).  The specified server cannot perform the requested operation.
  Enrollment will not be performed.

Event: 1006

Windows cannot bind to stanwell.internal domain. (Local Error). Group Policy processing aborted.

Event: 1000

Could not execute the following script Mapping.bat. The system cannot find the file specified.

Event: 1030

Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.

Event: 1053

Windows cannot determine the user or computer name. (Not enough storage is available to complete this operation. ). Group Policy processing aborted.

Event: 1053

Windows cannot determine the user or computer name. (The RPC server is unavailable. ). Group Policy processing aborted.

=================================================

Thanks in advance,
mms_master

This Question has been solved and asker verified.

Asked On: 2009-06-23 at 04:22:20
ID: 24514231
Tags: network, group policy, policy, windows, server, 2003, xp
Topics: Active Directory, Windows 2003 Server, Windows XP Operating System
Participating Experts: 3
Points: 500
Comments: 18


Answers

 

by: aobrien32 | Posted on 2009-06-23 at 04:36:11 | ID: 24690787

Hi,

How are you joining the PCs to the domain, and have you checked all the DNS settings? Is the server listed as the primary DNS, or do you have something else listed first?

cheers

 

by: mms_master | Posted on 2009-06-23 at 05:16:05 | ID: 24691034

Hi,

We are joining the PC's to the domain by going to System Properties > Change Name > Change, selecting domain and then entering our domain name (stanwell.internal). I have manually set the IP etc of the client PC's. The IP I've entered for the Preferred DNS is our primary domain controller and the Alternate DNS is pointing to our second DNS server.

We have 500-600 PC's on the network, all of which have been joined to the domain in the same method (except that some pick up their DNS settings via DHCP). None of these are getting the same problem. It only seems to be happening on 6 of our new ones.

Thanks,
mms_master

 

by: DCMBS | Posted on 2009-06-23 at 05:51:11 | ID: 24691284

All the errors listed above indicate that the workstation cannot connect to the preferred DNS server. I wonder if this is something to do with Symantec Endpoint. Could it be blocking port 53? Try removing Symantec Endpoint on one of the workstations and see if the issue goes away. Alternatively, try telnetting to the preferred DNS server on port 53 when the issue is present and see if you get a connection.

 

by: MariusSunchaser | Posted on 2009-06-23 at 06:11:04 | ID: 24691464

Hi there.
The problem you have is a DC that doesn't replicate with the other DCs. I bet that the workstations with the problem connected to the DC with the problem.

Check the \Windows\Debug\NetSetup.log file to see what DC your ws connected to, and rejoin the computers to the domain, to connect to a healthy DC.

 

by: mms_master | Posted on 2009-06-23 at 07:23:15 | ID: 24692161

@DCMBS

I tried to telnet one of our DC's on a machine with the problem and couldn't connect. Tried from the machine next to it and I could. I then removed Symantec Endpoint, restarted the machine and tried using telnet and the Internet. All appeared well for the first 2 minutes. Then some elements (e.g. images) were not being displayed. Refreshing the page loaded those elements, but sometimes broke others. Then all of a sudden the internet stopped working. When this happened I tried to telnet again and was unable to connect.

So it doesn't appear to be Symantec Endpoint. (Our Windows firewall is also turned off)

@MariusSunchaser
I've checked one of the computers and it's connecting to stanweb3 (our 3rd server). There is an older PC on the other side of the room which has been working for about a year with no problems. I've checked the log on that PC also and it is connecting to stanweb3 as well.

If by changing the DC it connects to you mean change the preferred DNS on the IP settings; it is currently set to stanweb's IP and the alternate is set to stanweb2, but it's connecting to stanweb 3...

 

by: DCMBS | Posted on 2009-06-23 at 07:45:47 | ID: 24692428

This really smacks of a Symantec issue.  Symantec doesn't always remove cleanly.  There is a removal tool here that may remove it cleanly.

http://www.symantec.com/connect/forums/sep11-32-bit-removal-utility

Try removing SEP completely and see if the issue still occurs.

 

by: DCMBS | Posted on 2009-06-23 at 07:53:26 | ID: 24692509

There is also a utility called Cleanwipe for removing SEP, but you must log a call with Symantec support to get it. They will not make it publicly available.

 

by: mms_master | Posted on 2009-06-23 at 08:02:10 | ID: 24692609

Not saying that SEP isn't causing the problem, but we have it installed all over the network (on at least 300 machines) and we are only having this problem in the one room. Would you think that rules it out or not?

We've also thought about switch and network socket problems etc, but the old machines didn't have this problem so I can't see how that could be the problem. I'm confused now, can't think of anything that's different on these machines which could be causing the problem.

We also took one machine and reinstalled the drivers for the network card and that didn't solve the problem.

It now appears to be the whole room which is having the problem (except for the one older machine) not just 6.

 

by: DCMBS | Posted on 2009-06-23 at 08:14:46 | ID: 24692741

If I read your comments right you seem to be saying that the machine works OK when first joined to the domain but after a while the problem manifests. When the problem manifests you are able to ping the DC, so network connectivity seems to be OK. However, you are not able to connect to the preferred DNS server on port 53. The symptoms you describe are caused by this inability to connect to the preferred DNS server. So something is blocking connectivity on port 53. I would strongly suspect Symantec Endpoint here. It seems to be something on the workstations, as other machines continue to be able to connect. Could it be an issue with SEP and the NIC drivers on this particular type of machine?
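The check discussed in this thread (ping answers, but is port 53 reachable?) as an added example that is not part of the original posts. It goes beyond the telnet test, which only exercises TCP, by also sending over UDP the SRV query a domain client uses to locate a DC, and it logs each state change with a timestamp so an intermittent failure can be lined up with whatever started on the workstation at that moment. The server addresses are placeholders and the state names are made up for this sketch.

```python
# Added example: probe DNS reachability the way a domain client depends on it.
import socket
import struct
import time

SRV, IN = 33, 1  # DNS QTYPE SRV and QCLASS IN (RFC 1035 / RFC 2782)

def build_srv_query(name, txid=0x1234):
    """Encode a DNS SRV question for `name` in wire format, recursion desired."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack(">HH", SRV, IN)

def parse_reply(reply, txid=0x1234):
    """Return (rcode, answer_count); raise ValueError if not a reply to our query."""
    if len(reply) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, answers, _ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to this query")
    return flags & 0x000F, answers

def tcp_open(host, port=53, timeout=3.0):
    """Equivalent of 'telnet host 53': True if the TCP handshake completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def udp_srv_lookup(server, name, port=53, timeout=3.0):
    """Send the SRV query over UDP; return (rcode, answers) or None if no usable reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_srv_query(name), (server, port))
            reply, _ = sock.recvfrom(4096)
            return parse_reply(reply)
        except (OSError, ValueError):
            return None

def classify(tcp_ok, udp_result):
    """Turn the two probe results into one state name for logging."""
    if udp_result is not None:
        rcode, answers = udp_result
        return "ok" if rcode == 0 and answers > 0 else "dns-up-no-dc-records"
    return "udp-53-failing-tcp-open" if tcp_ok else "dns-unreachable"

def watch(servers, domain, interval=30, rounds=40):
    """Log each state change per server so the time of failure can be pinned down."""
    name = "_ldap._tcp.dc._msdcs." + domain  # SRV record the DC locator looks up
    last = {}
    for _ in range(rounds):
        for server in servers:
            state = classify(tcp_open(server), udp_srv_lookup(server, name))
            if last.get(server) != state:
                print(time.strftime("%H:%M:%S"), server, state)
                last[server] = state
        time.sleep(interval)

if __name__ == "__main__":
    # Placeholder addresses (documentation range); substitute the preferred and
    # alternate DNS servers. The domain name is the one given in the question.
    watch(["192.0.2.10", "192.0.2.11"], "stanwell.internal")
```

A transition from `ok` to `dns-unreachable` while ping still answers points at something filtering traffic on the workstation or along the path, rather than at the DNS server itself.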

 

by: DCMBS | Posted on 2009-06-23 at 08:43:50 | ID: 24692985

Also, what make are the PCs and what are the NICs? I have heard that Broadcom NICs can cause similar issues. If the NICs are Broadcoms, can you try another make?

 

by: mms_master | Posted on 2009-06-23 at 09:27:16 | ID: 24693424

Not sure what make the NIC's are. However we have tried another PC in the same physical room and OU and it works fine. We have now been told that it's happening in another new room. It only appears to be happening on Dell Optiplex 760. All of our Optiplex 740's work fine.

I'm going to ring Dell in the morning. I will update you as soon as I know more.

Thanks,

mms_master

 

by: DCMBS | Posted on 2009-06-23 at 10:06:44 | ID: 24693778

Dell use Broadcom mostly so it could be the Broadcom NICs.

 

by: mms_master | Posted on 2009-06-24 at 04:45:36 | ID: 24700091

Dell have asked us to create a fresh build, installing drivers in the order they have emailed to me. (Which we did initially with these computers after having a problem with some UDF reader software) So I can't see this resolving anything, but we have to humour them to get anywhere.

However whilst doing this we have decided to create 2 fresh builds, install nothing at all on the one (except windows updates and drivers) and only SEP on the other. We will then put them both in the same OU as the existing computers, plug them in with the same cables and sockets etc and see what happens. After this we will call Dell again with the results.

We are also going to take a PCI NIC from another PC and install it on one of the broken machines (with the original image) to see if that makes a difference.

Thanks,
mms_master

 

by: mms_master | Posted on 2009-06-24 at 04:47:43 | ID: 24700102

Also forgot to mention, I ran the replmon.exe UI on our preferred DC, added all of our DC's and then went to Action > Domain > Search Domain Controllers for Replication Errors, and ran a search on the domain stanwell.internal. This search returned no errors.

 

by: mms_master | Posted on 2009-06-29 at 12:29:15 | ID: 24739330

We created the 2 fresh builds and they both worked with no problem, which suggests that software is causing the problem. We then installed all of our software on one machine, and on the other we installed one piece at a time, waiting 20 minutes in between each to see if it caused the problem. Both of these machines worked as they were supposed to...

At this point we were a bit puzzled. My colleague then decided to try disabling some services on a computer which had lost connection. Right at the top of the list was Altiris Agent. When he disabled this service, he was immediately able to use the Internet again. We then disabled this service on several machines and let them sit for 20 minutes. Not one of them lost connection.

Altiris Agent is part of a client from Dell's Client Manager software, which bolts on to Symantec/Altiris Notification Server. Our server is set to push out the client on Monday mornings (so wasn't yet installed on the 2 fresh builds, hence why they worked)

About 50 of the PC's have been running for half of Friday and all of today and nobody has said they were having any problems. Bit annoyed that DELL client manager is causing a problem with DELL PC's, and that it's cost us 5 days, but happy to have it resolved.

Thank you for your help. I am going to split the points between all 3 of you, giving the majority to DCMBS as he/she posted most of the comments.

Thanks again,
mms_master

 

by: DCMBS | Posted on 2009-07-04 at 02:25:17 | ID: 24776414

Thanks for the points. I would be intrigued to know if Dell's client manager would have this issue if Symantec wasn't installed.

 

by: mms_master | Posted on 2009-07-04 at 08:04:00 | ID: 24777073

No problem. If you mean Symantec Endpoint then it had no difference. If you mean Symantec/Altiris Notification Server, the Dell Client Manager is an addon to that software, so it's not possible.

mms_master

 

by: DCMBS | Posted on 2009-07-04 at 08:19:57 | ID: 24777109

Thanks
