Solved

Group policy not applying

Posted on 2004-09-30
8
9,008 Views
Last Modified: 2012-05-05
I have a single domain with 3 windows 2000 (sp4) domain controllers, and 50 xp clients. I am having a problem getting my group policies not applying. They have been working fine for a year now and all of a sudden they stopped working. When I run Result of policy, they are not getting applied, I get the follwing errors:

Group Policy Infrastructure Failed 9/30/2004 10:09:51 AM
Group Policy Infrastructure failed due to the error listed below.

The system cannot find the path specified.

Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available.

Additional information may have been logged. Review the Policy Events tab in the console or the application event log for events between 9/30/2004 10:09:47 AM and 9/30/2004 10:09:51 AM.
 

Any Ideas ??
0
Comment
Question by:itly09
  • 3
  • 3
8 Comments
 
LVL 5

Accepted Solution

by:
zerofield earned 250 total points
ID: 12190495
just gathering more info on your AD.. your DC's are replicating without error correct?

here's a few links from a few minutes of google-searching:

Group Policy Management Console (just makes it a tad easier)
http://www.microsoft.com/downloads/details.aspx?FamilyId=0A6D4C24-8CBD-4B35-9272-DD3CBFC81887&displaylang=en

Troubleshooting GPO's (blah, generic, but it may make you think of something you overlooked)
http://support.microsoft.com/?id=250842


http://www.winntmag.com/Forums/messageview.cfm?catid=54&threadid=124853

this last link details a guy having the same problem, and disabling "media sense" on the NIC fixed it.  very corky.  the reason i asked if the DC's are replicating was to get a feel for wether or not there was connectivity + up to date data being passed on the AD.  It's strange, but hey, give the media sense thing a shot if you havent.
0
 
LVL 2

Assisted Solution

by:Jman8R
Jman8R earned 250 total points
ID: 12190889
Were any changes made to your policies proir to this occuring?

Regards,
  Jman8R
0
 
LVL 5

Expert Comment

by:zerofield
ID: 12190925
for that matter, were any changes made ANYWHERE on the AD as far as topology/server changes/GPO changes?  new servers?
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:itly09
ID: 12191040
OK, I am not sure if everything is replicatng fine. I ran dcdiag /v and everything passed except this error:

Starting test: frssysvol
   * The File Replication Service Event log test
   The SYSVOL has been shared, and the AD is no longer
   prevented from starting by the File Replication Service.
   There are errors after the SYSVOL has been shared.
   The SYSVOL can prevent the AD from starting.

The File Replication Service is having trouble enabling replication from LARODC1 to LARODC2 for c:\winnt\sysvol\domain using the DNS name larodc1.laro.com. FRS will keep retrying.
 Following are some of the reasons you would see this warning.
 
 [1] FRS can not correctly resolve the DNS name larodc1.laro.com from this computer.
 [2] FRS is not running on larodc1.laro.com.
 [3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
 
 This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.

Jman8r - as for your question, I am always making changes to gp. just recently i added a new one and it was then when i realized that they werent applying to my new computers in the domain.
0
 
LVL 5

Expert Comment

by:zerofield
ID: 12191089
Is DNS running on all of your DC's?  If it isnt, enable it.  Then confirm as somebody else suggested in another thread that each machine is seeing the correct name <--> address translation.  Test out the replicating again.
0
 

Author Comment

by:itly09
ID: 12191191
yes both (ADI) DNS servers are up and running. I Have the following configuration:

LaroDC1 = Domain controller 1 & DNS server
1st dns server - itself, 2nd - larodc2
 
LaroDC2 = Domain controller 2 & DNS server
1st dns server - itself, 2nd - larodc1

if i do a nslookup from larodc1 i get = larodc1.laro.com and its correct address
if i do a nslookup from larodc2 i get = larodc2.laro.com and its correct address

No major changes or new servers have been added to network toplogy, only group policy changes have been made.

Ok, now as far as group policy resultant (the new one with sp1)
and under Component Status:

Component Name Status Last Process Time
Group Policy Infrastructure Failed 9/30/2004 10:09:51 AM
Group Policy Infrastructure failed due to the error listed below.

The system cannot find the path specified.

Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available.

Additional information may have been logged. Review the Policy Events tab in the console or the application event log for events between 9/30/2004 10:09:47 AM and 9/30/2004 10:09:51 AM.
 
EFS recovery (N/A) 9/28/2004 5:10:03 PM
Registry (N/A) 9/28/2004 5:09:56 PM
Scripts (N/A) 6/9/2004 12:09:19 PM
Security (N/A) 9/28/2004 5:10:02 PM
0
 

Author Comment

by:itly09
ID: 12191199
What is another way to check/ensure Replication is working ? just dcdiag ?
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
The advancement in technology has been a great source of betterment and empowerment for the human race, Nevertheless, this is not to say that technology doesn’t have any problems. We are bombarded with constant distractions, whether as an overload o…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question