I have several XP Machines in my 2003 domain that have multiple event ID: 1030 entries in their application logs. On the same machines I'm also getting Information events in the app. log that say "Security policy in the Group policy objects has been applied successfully." My logon scripts are still running, and it appears that my other GPO setting (password protect screensaver) works as well. I was also able to create a test GPO, run gpupdate on my xp machine, and have the changes to into effect immediately. I can't figure out why I'm still receiving the 1030 entries.
I think it may have something to do with DNS. When I ping "domainname.com" I receive a different IP then my domain controllers. When I look at my dns entries there are several A records that are named (same as parent folder). Two of these records are my domain controllers which is ok, but I have no idea where the otehr IP's came from, and they aren't pingable either. Did someone add those manually, or was it done dynamically somehow? Is it safe to just remove them, or should I investigate into this first? Would this also explain why some users are experiencing netbios related issues, like not being able to connect to network shares even though name resolution is working fine.
Any help is greatly appreciated. Thanks.