Solved

Group policy not applying

Posted on 2004-09-30
8
8,976 Views
Last Modified: 2012-05-05
I have a single domain with 3 windows 2000 (sp4) domain controllers, and 50 xp clients. I am having a problem getting my group policies not applying. They have been working fine for a year now and all of a sudden they stopped working. When I run Result of policy, they are not getting applied, I get the follwing errors:

Group Policy Infrastructure Failed 9/30/2004 10:09:51 AM
Group Policy Infrastructure failed due to the error listed below.

The system cannot find the path specified.

Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available.

Additional information may have been logged. Review the Policy Events tab in the console or the application event log for events between 9/30/2004 10:09:47 AM and 9/30/2004 10:09:51 AM.
 

Any Ideas ??
0
Comment
Question by:itly09
  • 3
  • 3
8 Comments
 
LVL 5

Accepted Solution

by:
zerofield earned 250 total points
Comment Utility
just gathering more info on your AD.. your DC's are replicating without error correct?

here's a few links from a few minutes of google-searching:

Group Policy Management Console (just makes it a tad easier)
http://www.microsoft.com/downloads/details.aspx?FamilyId=0A6D4C24-8CBD-4B35-9272-DD3CBFC81887&displaylang=en

Troubleshooting GPO's (blah, generic, but it may make you think of something you overlooked)
http://support.microsoft.com/?id=250842


http://www.winntmag.com/Forums/messageview.cfm?catid=54&threadid=124853

this last link details a guy having the same problem, and disabling "media sense" on the NIC fixed it.  very corky.  the reason i asked if the DC's are replicating was to get a feel for wether or not there was connectivity + up to date data being passed on the AD.  It's strange, but hey, give the media sense thing a shot if you havent.
0
 
LVL 2

Assisted Solution

by:Jman8R
Jman8R earned 250 total points
Comment Utility
Were any changes made to your policies proir to this occuring?

Regards,
  Jman8R
0
 
LVL 5

Expert Comment

by:zerofield
Comment Utility
for that matter, were any changes made ANYWHERE on the AD as far as topology/server changes/GPO changes?  new servers?
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:itly09
Comment Utility
OK, I am not sure if everything is replicatng fine. I ran dcdiag /v and everything passed except this error:

Starting test: frssysvol
   * The File Replication Service Event log test
   The SYSVOL has been shared, and the AD is no longer
   prevented from starting by the File Replication Service.
   There are errors after the SYSVOL has been shared.
   The SYSVOL can prevent the AD from starting.

The File Replication Service is having trouble enabling replication from LARODC1 to LARODC2 for c:\winnt\sysvol\domain using the DNS name larodc1.laro.com. FRS will keep retrying.
 Following are some of the reasons you would see this warning.
 
 [1] FRS can not correctly resolve the DNS name larodc1.laro.com from this computer.
 [2] FRS is not running on larodc1.laro.com.
 [3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
 
 This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.

Jman8r - as for your question, I am always making changes to gp. just recently i added a new one and it was then when i realized that they werent applying to my new computers in the domain.
0
 
LVL 5

Expert Comment

by:zerofield
Comment Utility
Is DNS running on all of your DC's?  If it isnt, enable it.  Then confirm as somebody else suggested in another thread that each machine is seeing the correct name <--> address translation.  Test out the replicating again.
0
 

Author Comment

by:itly09
Comment Utility
yes both (ADI) DNS servers are up and running. I Have the following configuration:

LaroDC1 = Domain controller 1 & DNS server
1st dns server - itself, 2nd - larodc2
 
LaroDC2 = Domain controller 2 & DNS server
1st dns server - itself, 2nd - larodc1

if i do a nslookup from larodc1 i get = larodc1.laro.com and its correct address
if i do a nslookup from larodc2 i get = larodc2.laro.com and its correct address

No major changes or new servers have been added to network toplogy, only group policy changes have been made.

Ok, now as far as group policy resultant (the new one with sp1)
and under Component Status:

Component Name Status Last Process Time
Group Policy Infrastructure Failed 9/30/2004 10:09:51 AM
Group Policy Infrastructure failed due to the error listed below.

The system cannot find the path specified.

Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available.

Additional information may have been logged. Review the Policy Events tab in the console or the application event log for events between 9/30/2004 10:09:47 AM and 9/30/2004 10:09:51 AM.
 
EFS recovery (N/A) 9/28/2004 5:10:03 PM
Registry (N/A) 9/28/2004 5:09:56 PM
Scripts (N/A) 6/9/2004 12:09:19 PM
Security (N/A) 9/28/2004 5:10:02 PM
0
 

Author Comment

by:itly09
Comment Utility
What is another way to check/ensure Replication is working ? just dcdiag ?
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this article, you will read about the trends across the human resources departments for the upcoming year. Some of them include improving employee experience, adopting new technologies, using HR software to its full extent, and integrating artifi…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now