mikesjn
asked on
Domain controllers policy cannot be opened with full admin
When I go to open the default domain controllers policy I get "failed to open the group policy object, you may not have appropriate rights detail: the system cannot find the path specified. All other GPO are fine and permissions okay- I can create a new policy in that container and all okay. GPOTOOL gives this result
Policy {6AC1786C-016F-11D2-945F-0 0C04FB984F 9}
Policy OK
Details:
-------------------------- ---------- ---------- ---------- ----
DC: ws-ukdatastore.internal.bi owisdom.co m
Friendly name: Default Domain Controllers Policy
Created: 07/02/2001 22:17:03
Changed: 28/10/2004 14:13:46
DS version: 0(user) 23(machine)
Sysvol version: 0(user) 23(machine)
Flags: 0
User extensions: not found
Machine extensions: [{827D319E-6EAC-11D2-A4EA- 00C04F79F8 3A}{803E14 A0-B4FB-11 D0-A0D0-00 A0C90F574B }]
Functionality version: 2
-------------------------- ---------- ---------- ---------- ----
If I run with /check acl it comes back okay for all policies.
Any ideas
Policy {6AC1786C-016F-11D2-945F-0
Policy OK
Details:
--------------------------
DC: ws-ukdatastore.internal.bi
Friendly name: Default Domain Controllers Policy
Created: 07/02/2001 22:17:03
Changed: 28/10/2004 14:13:46
DS version: 0(user) 23(machine)
Sysvol version: 0(user) 23(machine)
Flags: 0
User extensions: not found
Machine extensions: [{827D319E-6EAC-11D2-A4EA-
Functionality version: 2
--------------------------
If I run with /check acl it comes back okay for all policies.
Any ideas
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
find /i "cannot find" %SYSTEMROOT%\security\logs
It's sometimes caused by a renamed or deleted account. Let me know what you find out.