Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Windows 2003 PDC unable to open netlogon or Domain Controller Security Policy

Posted on 2005-03-19
Medium Priority
Last Modified: 2010-05-18
I manage a server that has started giving the following problems.

First we noticed that the netlogon share was not able to be accessed. After that we also noticed that Domain Controller Serurity Policy was not availiable.

This all seems to be tied back to the fact that fact that the sysvol share has a different name than the system is looking for. I am unsure how this could be, but the following errors in event view is what lead me to this conclusion.

Event ID: 1058
Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=intranet,DC=local. The file must be present at the location <\\intranet.local\sysvol\intranet.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (The system cannot find the path specified. ). Group Policy processing aborted.

Event ID: 1030
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

When I open the "c:\WINNT\SYSVOL\sysvol\intranet.local\Policies" directory the only folder is "{5CC22055-4D2D-4714-B449-0A174D4A6751}".

Does anyone know how I can fix this problem? I have tried Micrsoft KB article 830676 and 842804. These did not seem to help.

Thanks in advance.
Question by:mcminc
LVL 86

Expert Comment

ID: 13583939
If you have more than one DC, check the sysvol folders on all of them. If it's present on one of the others, you have a replication problem.
If you have only one DC, check if you have a valid backup of the sysvol folder, and restore the missing folder.
If you don't have a backup, you can try to recreate the folder manually. Here's a similar issue; this might work for you as well:

Group Policy Error Message When Appropriate Sysvol Contents Are Missing

Author Comment

ID: 13584477
I appricate the post, but they did not help me.

I have check the only other DC on the domain and it has the same directory structure.

I do not have a backup as I believe this has been a problem for over a month and our backup scheme does not go back that many days.

If anyone else has a suggestion please let me know.
Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.


Author Comment

ID: 13584548
One other note.

When I restart the netlogon service I get the folloowing error.

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5706
Date:            3/20/2005
Time:            12:07:11 AM
User:            N/A
Computer:      TERMSER
The Netlogon service could not create server share C:\WINNT\SYSVOL\sysvol\intranet.local\SCRIPTS.  The following error occurred:
The system cannot find the file specified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0000: 02 00 00 00               ....    

Does anyone know how to fix this? If so maybe that will create the share.

Author Comment

ID: 13584560
BTW: I was going to say that I had already looked at http://support.microsoft.com/default.aspx?scid=kb;en-us;318936 and the Registry entries look good.

Expert Comment

ID: 13585328
does the netlogon service start and stay up on boot? if not, see http://support.microsoft.com/?kbid=269375.

I had the similar problem on sysvol location, just fix the path to sysvol location and it should work. See articles




how to modify registry.
LVL 86

Accepted Solution

oBdA earned 2000 total points
ID: 13585394
Have you tried to create the ...\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9} folder manually?
As for the scripts folder--does it exist at all?

Author Comment

ID: 13585983

Manually recreating the folders seems to have taken care of the problem. I had to also create the SCRIPTS folder and set the permissions, but it worked. Now all I have to do is recreate all the login scripts.


Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Screencast - Getting to Know the Pipeline
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question