?
Solved

Userevn Problems

Posted on 2006-03-20
12
Medium Priority
?
428 Views
Last Modified: 2008-01-09
I'm getting 2 errors in my event log. I get a set of 2 that occur approximately once an hour.
Event ID: 1058
Source: Userevn
Type: Error
User: SELHS/Administrator

Windows cannot access the frile gpt.ini for GPO CN=[0324c4e7-e065-4281-b6b0-97f1db6dc35f],CN=policies,DC=selhs,dc=org.
The file must be present at the location <//selhs.org\sysvol\selhs.org\policies\[0324c4e7-e065-4281-b6b0-97f1db6dc35f]\gpt.ini>. (The specified user does not exist.) Group Policy processing aborted

Event ID: 1030
Source:Userevn
Type: Error
User:SELHS/administrator

Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

What is the cause and solution to this error?
0
Comment
Question by:selhs
  • 7
  • 5
12 Comments
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16238383
One possible cause is incorrectly configured DNS. Verify with an ' ipconfig  /all '  at the command line that your workstations point only to your DNS server an not to your ISP's DNS servers. The ISP's DNS servers should be added to your DNS server's Forwarders list.

If that is not the case, try running Microsoft's network test tool  netdiag.exe  It is available from the Windows Resource Kit or you can download from:
http://www3.ns.sympatico.ca/malagash/Downloads/Net/netdiag.exe
It will test numerous DNS, name resolution, and GP functions and report on each.

0
 

Author Comment

by:selhs
ID: 16239065
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator.SELHS.000>cd\

C:\>netdiag

....................................

    Computer Name: BDC
    DNS Host Name: bdc.selhs.org
    System info : Windows 2000 Server (Build 3790)
    Processor : x86 Family 15 Model 2 Stepping 7, GenuineIntel
    List of installed hotfixes :
        KB883939
        KB890046
        KB893756
        KB896358
        KB896422
        KB896424
        KB896428
        KB898715
        KB899587
        KB899588
        KB899589
        KB899591
        KB900725
        KB901017
        KB901214
        KB902400
        KB904706
        KB905414
        KB905915
        KB908519
        KB910437
        KB911564
        KB911927
        KB912919
        KB913446
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection 2

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : bdc.selhs.org
        IP Address . . . . . . . . : 10.0.0.209
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 10.0.0.1
        Dns Servers. . . . . . . . : 10.0.0.12


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{2A6A2A3F-EC58-4B2D-93C1-91689CD7ED47}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{2A6A2A3F-EC58-4B2D-93C1-91689CD7ED47}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{2A6A2A3F-EC58-4B2D-93C1-91689CD7ED47}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'SELHS' is to '\\domainserv.selhs.org'.


Kerberos test. . . . . . . . . . . : Failed
        [FATAL] Kerberos does not have a ticket for host/bdc.selhs.org.


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
    Service status  is: Started
    Service startup is: Automatic
    IPSec service is available, but no policy is assigned or active
    Note: run "ipseccmd /?" for more detailed information


The command completed successfully

Here are my results. Everything appears to pass do you see anything out of the ordinary?
0
 

Author Comment

by:selhs
ID: 16239112
Kerberos test. . . . . . . . . . . : Failed
        [FATAL] Kerberos does not have a ticket for host/bdc.selhs.org.

How can this be fixed I should've stated?
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 78

Expert Comment

by:Rob Williams
ID: 16239196
The kerberose test failure is not likely a problem. There is actually a "glitch" in the netdiag utility that often returns this. However if in doubt there are specific tools to test this. Have look at the following articles which explains the problem and where to find the other tools. I'll do a little digging in the mean time.
http://support.microsoft.com/?kbid=870692
http://www.jsifaq.com/SUBQ/tip8300/rh8319.htm
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16239325
Have you seen the link below? Seems there can be a lot of issues causing that combination of errors. Rather than posting it all here have a look:
http://www.eventid.net/display.asp?eventid=1058&eventno=1752&source=Userenv&phase=1

One thing I did notice is someone found MS patch KB899587 caused the problem. I notice you also have that patch installed on this system.
0
 

Author Comment

by:selhs
ID: 16273557
I removed the patch and did a few other adjustments and nothing. I'm wondering if i'm having a DNS problem. I have the Baseline Analyzer that I run on my server. It can't seem to resolve IP address's when it does a network scan. This use to work up until December. However I can ping by name. Is there something i'm missing in my DNS forwarders?
0
 
LVL 78

Accepted Solution

by:
Rob Williams earned 2000 total points
ID: 16274193
can you resolve a name using at a command line?
nslookup  YourServerName

If not rather than forwarders it may be reverse lookup zones.
Though Reverse Lookup zones are not normally necessary it may be the issue. If you don't have any you can create by right clicking  on the reverse look up zones folder choose new, primary zone and enter the first three octets of your subnet such as 192.168.123  Choose all defaults and it will create the zone (reverses the IP) . Assuming you have dynamic updates enabled (you likely do) it will build the list of computers over the next hour. If you want to manual add the server or others to speed things up right click in the right hand window and add a new ptr record by entering the IP and ComputerName of the device.
0
 

Author Comment

by:selhs
ID: 16275181
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\administrator.SELHS>nslookup domainserv
*** Can't find server name for address 10.0.0.12: Non-existent domain
*** Default servers are not available
Server:  UnKnown
Address:  10.0.0.12

Name:    domainserv.selhs.org
Address:  10.0.0.12


0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16275393
Adding a reverse lookup zone for your domain should repair at least the above.
0
 

Author Comment

by:selhs
ID: 16283668
Nope still getting the same error and the reverse lookup looks correct. It added all the IP address's on my network
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16284697
Did it at least repair the nslookup results ?

I am about out of suggestions. I just uploaded DCDiag to the same location:
http://www3.ns.sympatico.ca/malagash/Downloads/DC/
You could try running either from the domain controller with simply DCDiag or from a workstation using
  dcdiag  /n:YourDomain.suffix
Not sure if there is a difference in the test if run on either. Results may be of some help.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16310604
Thanks selhs,
--Rob
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question