Solved

Windows XP Machines not receiving Group Policies

Posted on 2006-06-21
52
2,999 Views
Last Modified: 2012-08-13
We have about 60 Windows XP machines, some of which just don't seem to receive Group Policies.  We can tell quite easily because we have some login scripts that are distributed to machines on the nextwork.  What is strange is that the P: drive which is mapped by the Home Folder in AD rather than through a login script is always mapped which means that, at some point, the client PC is connecting to the DC.

I have checked the following :

There are folders with GUIDs in the sysvol folder on our AD Server.
If I run the login scripts manually, they work.

Any ideas?
0
Comment
Question by:ddh76
  • 19
  • 14
  • 10
  • +1
52 Comments
 
LVL 9

Accepted Solution

by:
bigjimbo813 earned 500 total points
ID: 16952479
try doing a  *   gpupdate /f    * from the command line (no stars)
0
 
LVL 1

Author Comment

by:ddh76
ID: 16952572
Yes, this seems to work.  Why wouldn't it do this when I log in?
0
 
LVL 9

Expert Comment

by:bigjimbo813
ID: 16953838
Group Policies take up to 20 minutes to replicate/go into effect.

That command forces it immediatly.
0
 
LVL 1

Author Comment

by:ddh76
ID: 16957793
No.   My Group Policies have been around for over 2 years.  This is not a new GPO and not a new problem.  We have always had problems with them.

Some machines receive the GPs and some machines don't.

I am asking why this is?
0
 
LVL 1

Expert Comment

by:grigory7811
ID: 16959923
Do you have any errors from SceCli in application log from these stations?
0
 
LVL 1

Author Comment

by:ddh76
ID: 16960091
Have a look at this error.  This doesn't look too good!  I imagine this is what is causing the problem??

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1054
Date:            22/06/2006
Time:            09:02:24
User:            NT AUTHORITY\SYSTEM
Computer:      BH021
Description:
Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
LVL 1

Expert Comment

by:grigory7811
ID: 16966390
It's not a problem if this message appears once at system startup and after some time you'll see the following event:

Event Type:      Information
Event Source:      SceCli
Event Category:      None
Event ID:      1704
Date:            20.06.2006
Time:            20:22:38
User:            N/A
Computer:      SHORIN
Description:
Security policy in the Group policy objects has been applied successfully.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
LVL 1

Author Comment

by:ddh76
ID: 16966889
Ok, well I guess that is the problem.  The above event does NOT appear in my Event Viewer...

Any ideas...?
0
 
LVL 1

Expert Comment

by:grigory7811
ID: 16967070
do you have one of following things:
1 a non-micorosft firewall on computers
2 any firewall on DC
3 firewall between computers and DC?
0
 
LVL 1

Author Comment

by:ddh76
ID: 16967104
Yes, we have Symantec Client Firewall, but we have set the IP Address of the Server to be trusted?

Is this not good enough?  

No firewall on the DC.
No firewall between computers and DC.
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 16968176
Hello DDH76,

Well, Event ID 1054, indicates that DNS Server is not configured properly, to resolve this situation try this,

1. Open Network Connections in Control Panel.
2. Right-click Local Area Connection, and then click Properties.  
3. Click Internet Protocol (TCP/IP), and then click Properties.  
4. Type the correct DNS address in the Preferred DNS server box.
5. Click OK.

If above steps don't work then try this,

Windows XP computer is a domain member, and the Distributed File System (DFS) client is turned off (disabled), this behavior will occur, because the SYSVOL share requires the DFS client to make a connection.
To fix the problem, enable the DFS client:

1. Use the Registry Editor to navigate to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mup

2. Edit or add Value Name DisableDFS, a REG-DWORD data type. A data value of 0 means that the client is turned on. A data value of 1 disables the client.

3. Press OK and exit the Registry Editor.

4. Verify that File and Printer Sharing for Microsoft Networks is enabled on the interface:

        A. Start / Network Connections.

        B. Right-click the appropriate connection and press Properties.

        C. On the General tab, make sure that File and Printer Sharing for Microsoft Networks is checked.

        D. Press OK.


 more info,
http://support.microsoft.com/kb/324174/en-us
http://www.jsiinc.com/subk/tip5100/rh5168.htm
http://support.microsoft.com/search/default.aspx?query=event+id+1054&catalog=LCID%3D1033&spid=&qryWt=&mode=r&cus=False
http://support.microsoft.com/kb/326152/en-us

Regards,

Engineer_Dell


0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 16968781
Please also refer this,  as it directly deals with the problem,

http://support.microsoft.com/kb/840669

Regards,

Engineer_Dell
0
 
LVL 1

Expert Comment

by:grigory7811
ID: 16969047
I need some additional logging from one of affected computers
To enable verbose logging set two registry values:
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
DWORD Value: DBFlag = 0x2080ffff
and
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
DWORD Value: UserEnvDebugLevel=0x00030002

then restart computer and review the following log files:
%SystemRoot%\Debug\Netlogon.log
%Systemroot%\Debug\UserMode\Userenv.log

send me any errors wich you'll see in logs
0
 
LVL 1

Author Comment

by:ddh76
ID: 16970728
ok, here we go :

USERENV(d0.b1c) 17:34:56:957 GetUserNameAndDomain:  MyGetUserNameEx failed for NT4 style name with 1115
USERENV(484.488) 17:35:47:354 InitializePolicyProcessing: Initialised Machine Mutex/Events
USERENV(484.488) 17:35:47:364 InitializePolicyProcessing: Initialised User Mutex/Events
USERENV(484.488) 17:35:47:364 LibMain: Process Name:  \??\C:\WINDOWS\system32\winlogon.exe
USERENV(484.488) 17:35:48:546 Entering CUserProfile::Initialize ...
USERENV(484.488) 17:35:48:546 CUserProfile::Initialize called by winlogon
USERENV(484.488) 17:35:48:556 CUserProfile::Initialize: critical section initialized
USERENV(484.488) 17:35:48:556 CSyncManager::Initialize: critical section initialized
USERENV(484.488) 17:35:48:556 CUserProfile::Initialize: registry key Software\Microsoft\Windows NT\CurrentVersion\ProfileList opened
USERENV(484.488) 17:35:48:556 CUserProfile::Initialize: Proccessing S-1-5-21-1935655697-1957994488-854245398-500
USERENV(484.488) 17:35:48:566 CSyncManager::EnterLock <S-1-5-21-1935655697-1957994488-854245398-500>
USERENV(484.488) 17:35:48:566 CSyncManager::EnterLock: No existing entry found
USERENV(484.488) 17:35:48:566 CSyncManager::EnterLock: New entry created
USERENV(484.488) 17:35:48:576 CHashTable::HashAdd: S-1-5-21-1935655697-1957994488-854245398-500 added in bucket 8
USERENV(484.488) 17:35:48:576 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(484.488) 17:35:48:576 CUserProfile::GetRefCountAndFlags: Ref count is 0, state is 00000100
USERENV(484.488) 17:35:48:586 CSyncManager::LeaveLock <S-1-5-21-1935655697-1957994488-854245398-500>
USERENV(484.488) 17:35:48:586 CSyncManager::LeaveLock: Lock released
USERENV(484.488) 17:35:48:586 CHashTable::HashDelete: S-1-5-21-1935655697-1957994488-854245398-500 deleted
USERENV(484.488) 17:35:48:596 CSyncManager::LeaveLock: Lock deleted
USERENV(484.488) 17:35:48:596 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(484.488) 17:35:48:596 CUserProfile::Initialize: Proccessing S-1-5-21-1801674531-1532298954-839522115-500
USERENV(484.488) 17:35:48:606 CSyncManager::EnterLock <S-1-5-21-1801674531-1532298954-839522115-500>
USERENV(484.488) 17:35:48:606 CSyncManager::EnterLock: No existing entry found
USERENV(484.488) 17:35:48:616 CSyncManager::EnterLock: New entry created
USERENV(484.488) 17:35:48:616 CHashTable::HashAdd: S-1-5-21-1801674531-1532298954-839522115-500 added in bucket 6
USERENV(484.488) 17:35:48:616 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(484.488) 17:35:48:626 CUserProfile::GetRefCountAndFlags: Ref count is 0, state is 00000100
USERENV(484.488) 17:35:48:626 CSyncManager::LeaveLock <S-1-5-21-1801674531-1532298954-839522115-500>
USERENV(484.488) 17:35:48:626 CSyncManager::LeaveLock: Lock released
USERENV(484.488) 17:35:48:626 CHashTable::HashDelete: S-1-5-21-1801674531-1532298954-839522115-500 deleted
USERENV(484.488) 17:35:48:636 CSyncManager::LeaveLock: Lock deleted
USERENV(484.488) 17:35:48:636 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(484.488) 17:35:48:636 CUserProfile::Initialize: Proccessing S-1-5-21-1801674531-1532298954-839522115-2471
USERENV(484.488) 17:35:48:636 CSyncManager::EnterLock <S-1-5-21-1801674531-1532298954-839522115-2471>
USERENV(484.488) 17:35:48:646 CSyncManager::EnterLock: No existing entry found
USERENV(484.488) 17:35:48:646 CSyncManager::EnterLock: New entry created
USERENV(484.488) 17:35:48:646 CHashTable::HashAdd: S-1-5-21-1801674531-1532298954-839522115-2471 added in bucket 17
USERENV(484.488) 17:35:48:646 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(484.488) 17:35:48:656 CUserProfile::GetRefCountAndFlags: Ref count is 0, state is 00000004
USERENV(484.488) 17:35:48:656 CSyncManager::LeaveLock <S-1-5-21-1801674531-1532298954-839522115-2471>
USERENV(484.488) 17:35:48:656 CSyncManager::LeaveLock: Lock released
USERENV(484.488) 17:35:48:656 CHashTable::HashDelete: S-1-5-21-1801674531-1532298954-839522115-2471 deleted
USERENV(484.488) 17:35:48:666 CSyncManager::LeaveLock: Lock deleted
USERENV(484.488) 17:35:48:666 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(484.488) 17:35:48:666 CUserProfile::Initialize: Proccessing S-1-5-21-1801674531-1532298954-839522115-1151
USERENV(484.488) 17:35:48:666 CSyncManager::EnterLock <S-1-5-21-1801674531-1532298954-839522115-1151>
USERENV(484.488) 17:35:48:676 CSyncManager::EnterLock: No existing entry found
USERENV(484.488) 17:35:48:676 CSyncManager::EnterLock: New entry created
USERENV(484.488) 17:35:48:676 CHashTable::HashAdd: S-1-5-21-1801674531-1532298954-839522115-1151 added in bucket 11
USERENV(484.488) 17:35:48:676 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(484.488) 17:35:48:686 CUserProfile::GetRefCountAndFlags: Ref count is 0, state is 00000100
USERENV(484.488) 17:35:48:686 CSyncManager::LeaveLock <S-1-5-21-1801674531-1532298954-839522115-1151>
USERENV(484.488) 17:35:48:686 CSyncManager::LeaveLock: Lock released
USERENV(484.488) 17:35:48:686 CHashTable::HashDelete: S-1-5-21-1801674531-1532298954-839522115-1151 deleted
USERENV(484.488) 17:35:48:696 CSyncManager::LeaveLock: Lock deleted
USERENV(484.488) 17:35:48:696 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(484.488) 17:35:48:696 CUserProfile::Initialize: Proccessing S-1-5-20
USERENV(484.488) 17:35:48:696 CSyncManager::EnterLock <S-1-5-20>
USERENV(484.488) 17:35:48:706 CSyncManager::EnterLock: No existing entry found
USERENV(484.488) 17:35:48:706 CSyncManager::EnterLock: New entry created
USERENV(484.488) 17:35:48:706 CHashTable::HashAdd: S-1-5-20 added in bucket 4
USERENV(484.488) 17:35:48:706 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(484.488) 17:35:48:706 CUserProfile::GetRefCountAndFlags: Ref count is 2, state is 00000000
USERENV(484.488) 17:35:48:716 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(484.488) 17:35:48:716 CSyncManager::LeaveLock <S-1-5-20>
USERENV(484.488) 17:35:48:716 CSyncManager::LeaveLock: Lock released
USERENV(484.488) 17:35:48:716 CHashTable::HashDelete: S-1-5-20 deleted
USERENV(484.488) 17:35:48:726 CSyncManager::LeaveLock: Lock deleted
USERENV(484.488) 17:35:48:726 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(484.488) 17:35:48:726 CUserProfile::Initialize: Proccessing S-1-5-19
USERENV(484.488) 17:35:48:726 CSyncManager::EnterLock <S-1-5-19>
USERENV(484.488) 17:35:48:736 CSyncManager::EnterLock: No existing entry found
USERENV(484.488) 17:35:48:736 CSyncManager::EnterLock: New entry created
USERENV(484.488) 17:35:48:736 CHashTable::HashAdd: S-1-5-19 added in bucket 12
USERENV(484.488) 17:35:48:736 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(484.488) 17:35:48:746 CUserProfile::GetRefCountAndFlags: Ref count is 2, state is 00000000
USERENV(484.488) 17:35:48:746 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(484.488) 17:35:48:746 CSyncManager::LeaveLock <S-1-5-19>
USERENV(484.488) 17:35:48:746 CSyncManager::LeaveLock: Lock released
USERENV(484.488) 17:35:48:756 CHashTable::HashDelete: S-1-5-19 deleted
USERENV(484.488) 17:35:48:756 CSyncManager::LeaveLock: Lock deleted
USERENV(484.488) 17:35:48:756 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(484.488) 17:35:48:756 CUserProfile::Initialize: Proccessing S-1-5-18
USERENV(484.488) 17:35:48:766 CSyncManager::EnterLock <S-1-5-18>
USERENV(484.488) 17:35:48:766 CSyncManager::EnterLock: No existing entry found
USERENV(484.488) 17:35:48:766 CSyncManager::EnterLock: New entry created
USERENV(484.488) 17:35:48:766 CHashTable::HashAdd: S-1-5-18 added in bucket 11
USERENV(484.488) 17:35:48:776 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(484.488) 17:35:48:776 CUserProfile::GetRefCountAndFlags: Ref count is 1, state is 00000000
USERENV(484.488) 17:35:48:776 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(484.488) 17:35:48:776 CSyncManager::LeaveLock <S-1-5-18>
USERENV(484.488) 17:35:48:786 CSyncManager::LeaveLock: Lock released
USERENV(484.488) 17:35:48:786 CHashTable::HashDelete: S-1-5-18 deleted
USERENV(484.488) 17:35:48:786 CSyncManager::LeaveLock: Lock deleted
USERENV(484.488) 17:35:48:786 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(484.488) 17:35:48:796 CUserProfile::Initialize: RpcServerRegisterIfEx successful
USERENV(484.488) 17:35:48:796 Exiting CUserProfile::Initialize, successful
USERENV(4b4.4b8) 17:35:49:056 LibMain: Process Name:  C:\WINDOWS\system32\services.exe
USERENV(4c0.4c4) 17:35:49:146 LibMain: Process Name:  C:\WINDOWS\system32\lsass.exe
USERENV(484.488) 17:35:49:717 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(574.578) 17:35:52:551 LibMain: Process Name:  C:\WINDOWS\system32\svchost.exe
USERENV(4b4.4b8) 17:35:52:732 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(4b4.4b8) 17:35:52:732 =========================================================
USERENV(4b4.4b8) 17:35:52:742 LoadUserProfile: Entering, hToken = <0x2d0>, lpProfileInfo = 0x7fcf8
USERENV(4b4.4b8) 17:35:52:742 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(4b4.4b8) 17:35:52:742 LoadUserProfile: lpProfileInfo->lpUserName = <NetworkService>
USERENV(4b4.4b8) 17:35:52:742 LoadUserProfile: NULL central profile path
USERENV(4b4.4b8) 17:35:52:742 LoadUserProfile: NULL default profile path
USERENV(4b4.4b8) 17:35:52:752 LoadUserProfile: NULL server name
USERENV(4b4.4b8) 17:35:52:752 GetInterface: Returning rpc binding handle
USERENV(484.5b0) 17:35:52:752 IProfileSecurityCallBack: client authenticated.
USERENV(484.5b0) 17:35:52:762 DropClientContext: Got client token 000005E8, sid = S-1-5-18
USERENV(484.5b0) 17:35:52:762 MIDL_user_allocate enter
USERENV(484.5b0) 17:35:52:762 DropClientContext: load profile object successfully made
USERENV(484.5b0) 17:35:52:762 DropClientContext: Returning 0
USERENV(4b4.4b8) 17:35:52:772 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(484.4a0) 17:35:52:772 IProfileSecurityCallBack: client authenticated.
USERENV(484.4a0) 17:35:52:772 In LoadUserProfileP
USERENV(484.4a0) 17:35:52:772 LoadUserProfile: Running as client
USERENV(484.4a0) 17:35:52:782 =========================================================
USERENV(484.4a0) 17:35:52:782 LoadUserProfile: Entering, hToken = <0x5ec>, lpProfileInfo = 0xdfbdf0
USERENV(484.4a0) 17:35:52:782 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(484.4a0) 17:35:52:782 LoadUserProfile: lpProfileInfo->lpUserName = <NetworkService>
USERENV(484.4a0) 17:35:52:792 LoadUserProfile: NULL central profile path
USERENV(484.4a0) 17:35:52:792 LoadUserProfile: NULL default profile path
USERENV(484.4a0) 17:35:52:792 LoadUserProfile: NULL server name
USERENV(484.4a0) 17:35:52:792 LoadUserProfile: User sid: S-1-5-20
USERENV(484.4a0) 17:35:52:792 CSyncManager::EnterLock <S-1-5-20>
USERENV(484.4a0) 17:35:52:802 CSyncManager::EnterLock: No existing entry found
USERENV(484.4a0) 17:35:52:802 CSyncManager::EnterLock: New entry created
USERENV(484.4a0) 17:35:52:802 CHashTable::HashAdd: S-1-5-20 added in bucket 4
USERENV(484.4a0) 17:35:52:802 LoadUserProfile: Wait succeeded. In critical section.
USERENV(484.4a0) 17:35:52:812 RestoreUserProfile:  Entering
USERENV(484.4a0) 17:35:52:812 IsCentralProfileReachable:  Entering
USERENV(484.4a0) 17:35:52:812 IsCentralProfileReachable:  Null path.  Leaving
USERENV(484.4a0) 17:35:52:812 RestoreUserProfile:  Profile path = <>
USERENV(484.4a0) 17:35:52:822 ExtractProfileFromBackup:  A profile already exists
USERENV(484.4a0) 17:35:52:822 PatchNewProfileIfRequred: A profile already exists with the current sid, exitting
USERENV(484.4a0) 17:35:52:822 CreateLocalProfileKey:  Not setting additional Security
USERENV(484.4a0) 17:35:52:822 GetExistingLocalProfileImage:  Found entry in profile list for existing local profile
USERENV(484.4a0) 17:35:52:832 GetExistingLocalProfileImage:  Local profile image filename = <%SystemDrive%\Documents and Settings\NetworkService>
USERENV(484.4a0) 17:35:52:832 GetExistingLocalProfileImage:  Expanded local profile image filename = <C:\Documents and Settings\NetworkService>
USERENV(484.4a0) 17:35:52:832 GetExistingLocalProfileImage:  No local mandatory profile.  Error = 2
USERENV(484.4a0) 17:35:52:832 GetExistingLocalProfileImage:  Found local profile image file ok <C:\Documents and Settings\NetworkService\ntuser.dat>
USERENV(484.4a0) 17:35:52:832 GetExistingLocalProfileImage:  Failed to query low profile unload time with error 2
USERENV(484.4a0) 17:35:52:842 Local Existing Profile Image is reachable
USERENV(484.4a0) 17:35:52:842 Local profile name is <C:\Documents and Settings\NetworkService>
USERENV(484.4a0) 17:35:52:842 RestoreUserProfile:  No central profile.  Attempting to load local profile.
USERENV(484.4a0) 17:35:52:852 MyRegLoadKey: Returning 00000000
USERENV(484.4a0) 17:35:52:852 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(484.4a0) 17:35:52:862 MyRegLoadKey: Returning 00000000
USERENV(484.4a0) 17:35:52:862 CreateClassHive: existing user classes hive found
USERENV(484.4a0) 17:35:52:862 RestoreUserProfile:  About to Leave.  Final Information follows:
USERENV(484.4a0) 17:35:52:872 Profile was successfully loaded.
USERENV(484.4a0) 17:35:52:872 lpProfile->lpRoamingProfile = <>
USERENV(484.4a0) 17:35:52:872 lpProfile->lpLocalProfile = <C:\Documents and Settings\NetworkService>
USERENV(484.4a0) 17:35:52:872 lpProfile->dwInternalFlags = 0x0
USERENV(484.4a0) 17:35:52:872 RestoreUserProfile:  Leaving.
USERENV(484.4a0) 17:35:52:932 UpgradeProfile: Entering
USERENV(484.4a0) 17:35:52:932 UpgradeProfile: Build numbers match
USERENV(484.4a0) 17:35:52:942 UpgradeProfile: Leaving Successfully
USERENV(484.4a0) 17:35:52:952 Profile Ref Count is 1
USERENV(484.4a0) 17:35:52:952 LoadUserProfile: Leaving critical Section.
USERENV(484.4a0) 17:35:52:962 CSyncManager::LeaveLock <S-1-5-20>
USERENV(484.4a0) 17:35:52:962 CSyncManager::LeaveLock: Lock released
USERENV(484.4a0) 17:35:52:962 CHashTable::HashDelete: S-1-5-20 deleted
USERENV(484.4a0) 17:35:52:962 CSyncManager::LeaveLock: Lock deleted
USERENV(484.4a0) 17:35:52:972 LoadUserProfile: Impersonated user: 000005ec, 000005f8
USERENV(4c0.51c) 17:35:52:972 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(4c0.51c) 17:35:52:972 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(484.4a0) 17:35:53:002 LoadUserProfile: Reverted to user: 00000000
USERENV(484.4a0) 17:35:53:002 LoadUserProfile: Reverted back to user <00000000>
USERENV(484.4a0) 17:35:53:002 LoadUserProfile: Leaving with a value of 1.
USERENV(484.4a0) 17:35:53:012 =========================================================
USERENV(484.4a0) 17:35:53:012 LoadUserProfileI: returning 0
USERENV(4b4.4b8) 17:35:53:012 LoadUserProfile: Running as self
USERENV(4b4.4b8) 17:35:53:012 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(4b4.4b8) 17:35:53:022 LoadUserProfile:  Returning success.  Final Information follows:
USERENV(4b4.4b8) 17:35:53:022 lpProfileInfo->UserName = <NetworkService>
USERENV(4b4.4b8) 17:35:53:022 lpProfileInfo->lpProfilePath = <>
USERENV(4b4.4b8) 17:35:53:042 lpProfileInfo->dwFlags = 0x9
USERENV(484.5b0) 17:35:53:042 IProfileSecurityCallBack: client authenticated.
USERENV(484.5b0) 17:35:53:052 ReleaseClientContext: Releasing context
USERENV(484.5b0) 17:35:53:052 ReleaseClientContext_s: Releasing context
USERENV(484.5b0) 17:35:53:052 MIDL_user_free enter
USERENV(4b4.4b8) 17:35:53:052 ReleaseInterface: Releasing rpc binding handle
USERENV(4b4.4b8) 17:35:53:062 LoadUserProfile: Returning TRUE. hProfile = <0x334>
USERENV(4b4.4b8) 17:35:53:062 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(5b8.5bc) 17:35:53:092 LibMain: Process Name:  C:\WINDOWS\system32\svchost.exe
USERENV(680.684) 17:35:53:282 LibMain: Process Name:  C:\WINDOWS\System32\svchost.exe
USERENV(4b4.4b8) 17:35:53:332 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(4b4.4b8) 17:35:53:332 =========================================================
USERENV(4b4.4b8) 17:35:53:342 LoadUserProfile: Entering, hToken = <0x354>, lpProfileInfo = 0x7fcf8
USERENV(4b4.4b8) 17:35:53:342 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(4b4.4b8) 17:35:53:342 LoadUserProfile: lpProfileInfo->lpUserName = <NetworkService>
USERENV(4b4.4b8) 17:35:53:352 LoadUserProfile: NULL central profile path
USERENV(4b4.4b8) 17:35:53:352 LoadUserProfile: NULL default profile path
USERENV(4b4.4b8) 17:35:53:352 LoadUserProfile: NULL server name
USERENV(4b4.4b8) 17:35:53:362 GetInterface: Returning rpc binding handle
USERENV(484.4a0) 17:35:53:362 IProfileSecurityCallBack: client authenticated.
USERENV(484.4a0) 17:35:53:362 DropClientContext: Got client token 000005F4, sid = S-1-5-18
USERENV(484.4a0) 17:35:53:372 MIDL_user_allocate enter
USERENV(484.4a0) 17:35:53:372 DropClientContext: load profile object successfully made
USERENV(484.4a0) 17:35:53:372 DropClientContext: Returning 0
USERENV(4b4.4b8) 17:35:53:382 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(484.5b0) 17:35:53:783 IProfileSecurityCallBack: client authenticated.
USERENV(484.5b0) 17:35:53:793 In LoadUserProfileP
USERENV(484.5b0) 17:35:53:793 LoadUserProfile: Running as client
USERENV(484.5b0) 17:35:53:793 =========================================================
USERENV(484.5b0) 17:35:53:803 LoadUserProfile: Entering, hToken = <0x5fc>, lpProfileInfo = 0x8a9e8
USERENV(484.5b0) 17:35:53:803 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(484.5b0) 17:35:53:803 LoadUserProfile: lpProfileInfo->lpUserName = <NetworkService>
USERENV(484.5b0) 17:35:53:803 LoadUserProfile: NULL central profile path
USERENV(484.5b0) 17:35:53:813 LoadUserProfile: NULL default profile path
USERENV(484.5b0) 17:35:53:813 LoadUserProfile: NULL server name
USERENV(484.5b0) 17:35:53:813 LoadUserProfile: User sid: S-1-5-20
USERENV(484.5b0) 17:35:53:823 CSyncManager::EnterLock <S-1-5-20>
USERENV(484.5b0) 17:35:53:823 CSyncManager::EnterLock: No existing entry found
USERENV(484.5b0) 17:35:53:823 CSyncManager::EnterLock: New entry created
USERENV(484.5b0) 17:35:53:833 CHashTable::HashAdd: S-1-5-20 added in bucket 4
USERENV(484.5b0) 17:35:53:833 LoadUserProfile: Wait succeeded. In critical section.
USERENV(484.5b0) 17:35:53:833 TestIfUserProfileLoaded:  Profile already loaded.
USERENV(484.5b0) 17:35:53:833 Profile Ref Count is 2
USERENV(484.5b0) 17:35:53:843 LoadUserProfile: Leaving critical Section.
USERENV(484.5b0) 17:35:53:843 CSyncManager::LeaveLock <S-1-5-20>
USERENV(484.5b0) 17:35:53:843 CSyncManager::LeaveLock: Lock released
USERENV(484.5b0) 17:35:53:843 CHashTable::HashDelete: S-1-5-20 deleted
USERENV(484.5b0) 17:35:53:853 CSyncManager::LeaveLock: Lock deleted
USERENV(484.5b0) 17:35:53:853 LoadUserProfile: Impersonated user: 000005fc, 00000620
USERENV(484.5b0) 17:35:53:853 LoadUserProfile: Reverted to user: 00000000
USERENV(484.5b0) 17:35:53:853 LoadUserProfile: Reverted back to user <00000000>
USERENV(484.5b0) 17:35:53:853 LoadUserProfile: Leaving with a value of 1.
USERENV(484.5b0) 17:35:53:863 =========================================================
USERENV(484.5b0) 17:35:53:863 LoadUserProfileI: returning 0
USERENV(4b4.4b8) 17:35:53:863 LoadUserProfile: Running as self
USERENV(4b4.4b8) 17:35:53:873 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(4b4.4b8) 17:35:53:873 LoadUserProfile:  Returning success.  Final Information follows:
USERENV(4b4.4b8) 17:35:53:883 lpProfileInfo->UserName = <NetworkService>
USERENV(4b4.4b8) 17:35:53:883 lpProfileInfo->lpProfilePath = <>
USERENV(4b4.4b8) 17:35:53:883 lpProfileInfo->dwFlags = 0x9
USERENV(484.4a0) 17:35:53:883 IProfileSecurityCallBack: client authenticated.
USERENV(484.4a0) 17:35:53:893 ReleaseClientContext: Releasing context
USERENV(484.4a0) 17:35:53:893 ReleaseClientContext_s: Releasing context
USERENV(484.4a0) 17:35:53:893 MIDL_user_free enter
USERENV(4b4.4b8) 17:35:53:893 ReleaseInterface: Releasing rpc binding handle
USERENV(4b4.4b8) 17:35:53:903 LoadUserProfile: Returning TRUE. hProfile = <0x374>
USERENV(4b4.4b8) 17:35:53:903 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(6c8.6cc) 17:35:53:933 LibMain: Process Name:  C:\WINDOWS\System32\svchost.exe
USERENV(4b4.4b8) 17:35:53:933 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(4b4.4b8) 17:35:53:953 =========================================================
USERENV(4b4.4b8) 17:35:53:953 LoadUserProfile: Entering, hToken = <0x388>, lpProfileInfo = 0x7fcf8
USERENV(4b4.4b8) 17:35:53:953 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(4b4.4b8) 17:35:53:953 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(4b4.4b8) 17:35:53:963 LoadUserProfile: NULL central profile path
USERENV(4b4.4b8) 17:35:53:963 LoadUserProfile: NULL default profile path
USERENV(4b4.4b8) 17:35:53:963 LoadUserProfile: NULL server name
USERENV(4b4.4b8) 17:35:53:963 GetInterface: Returning rpc binding handle
USERENV(484.5b0) 17:35:53:973 IProfileSecurityCallBack: client authenticated.
USERENV(484.5b0) 17:35:53:973 DropClientContext: Got client token 000005F4, sid = S-1-5-18
USERENV(484.5b0) 17:35:53:973 MIDL_user_allocate enter
USERENV(484.5b0) 17:35:53:973 DropClientContext: load profile object successfully made
USERENV(484.5b0) 17:35:53:983 DropClientContext: Returning 0
USERENV(4b4.4b8) 17:35:53:983 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(484.4a0) 17:35:53:983 IProfileSecurityCallBack: client authenticated.
USERENV(484.4a0) 17:35:53:983 In LoadUserProfileP
USERENV(484.4a0) 17:35:53:993 LoadUserProfile: Running as client
USERENV(484.4a0) 17:35:53:993 =========================================================
USERENV(484.4a0) 17:35:53:993 LoadUserProfile: Entering, hToken = <0x5fc>, lpProfileInfo = 0x8a9c0
USERENV(484.4a0) 17:35:53:993 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(484.4a0) 17:35:54:003 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(484.4a0) 17:35:54:003 LoadUserProfile: NULL central profile path
USERENV(484.4a0) 17:35:54:003 LoadUserProfile: NULL default profile path
USERENV(484.4a0) 17:35:54:003 LoadUserProfile: NULL server name
USERENV(484.4a0) 17:35:54:013 LoadUserProfile: User sid: S-1-5-19
USERENV(484.4a0) 17:35:54:013 CSyncManager::EnterLock <S-1-5-19>
USERENV(484.4a0) 17:35:54:013 CSyncManager::EnterLock: No existing entry found
USERENV(484.4a0) 17:35:54:013 CSyncManager::EnterLock: New entry created
USERENV(484.4a0) 17:35:54:013 CHashTable::HashAdd: S-1-5-19 added in bucket 12
USERENV(484.4a0) 17:35:54:023 LoadUserProfile: Wait succeeded. In critical section.
USERENV(484.4a0) 17:35:54:023 RestoreUserProfile:  Entering
USERENV(484.4a0) 17:35:54:023 IsCentralProfileReachable:  Entering
USERENV(484.4a0) 17:35:54:023 IsCentralProfileReachable:  Null path.  Leaving
USERENV(484.4a0) 17:35:54:033 RestoreUserProfile:  Profile path = <>
USERENV(484.4a0) 17:35:54:033 ExtractProfileFromBackup:  A profile already exists
USERENV(484.4a0) 17:35:54:033 PatchNewProfileIfRequred: A profile already exists with the current sid, exitting
USERENV(484.4a0) 17:35:54:033 CreateLocalProfileKey:  Not setting additional Security
USERENV(484.4a0) 17:35:54:043 GetExistingLocalProfileImage:  Found entry in profile list for existing local profile
USERENV(484.4a0) 17:35:54:043 GetExistingLocalProfileImage:  Local profile image filename = <%SystemDrive%\Documents and Settings\LocalService>
USERENV(484.4a0) 17:35:54:043 GetExistingLocalProfileImage:  Expanded local profile image filename = <C:\Documents and Settings\LocalService>
USERENV(484.4a0) 17:35:54:043 GetExistingLocalProfileImage:  No local mandatory profile.  Error = 2
USERENV(484.4a0) 17:35:54:043 GetExistingLocalProfileImage:  Found local profile image file ok <C:\Documents and Settings\LocalService\ntuser.dat>
USERENV(484.4a0) 17:35:54:053 GetExistingLocalProfileImage:  Failed to query low profile unload time with error 2
USERENV(484.4a0) 17:35:54:053 Local Existing Profile Image is reachable
USERENV(484.4a0) 17:35:54:053 Local profile name is <C:\Documents and Settings\LocalService>
USERENV(484.4a0) 17:35:54:053 RestoreUserProfile:  No central profile.  Attempting to load local profile.
USERENV(484.4a0) 17:35:54:063 MyRegLoadKey: Returning 00000000
USERENV(484.4a0) 17:35:54:063 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(484.4a0) 17:35:54:073 MyRegLoadKey: Returning 00000000
USERENV(484.4a0) 17:35:54:073 CreateClassHive: existing user classes hive found
USERENV(484.4a0) 17:35:54:083 RestoreUserProfile:  About to Leave.  Final Information follows:
USERENV(484.4a0) 17:35:54:083 Profile was successfully loaded.
USERENV(484.4a0) 17:35:54:083 lpProfile->lpRoamingProfile = <>
USERENV(484.4a0) 17:35:54:083 lpProfile->lpLocalProfile = <C:\Documents and Settings\LocalService>
USERENV(484.4a0) 17:35:54:083 lpProfile->dwInternalFlags = 0x0
USERENV(484.4a0) 17:35:54:093 RestoreUserProfile:  Leaving.
USERENV(484.4a0) 17:35:54:093 UpgradeProfile: Entering
USERENV(484.4a0) 17:35:54:093 UpgradeProfile: Build numbers match
USERENV(484.4a0) 17:35:54:093 UpgradeProfile: Leaving Successfully
USERENV(484.4a0) 17:35:54:194 Profile Ref Count is 1
USERENV(484.4a0) 17:35:54:194 LoadUserProfile: Leaving critical Section.
USERENV(484.4a0) 17:35:54:194 CSyncManager::LeaveLock <S-1-5-19>
USERENV(484.4a0) 17:35:54:194 CSyncManager::LeaveLock: Lock released
USERENV(484.4a0) 17:35:54:204 CHashTable::HashDelete: S-1-5-19 deleted
USERENV(484.4a0) 17:35:54:204 CSyncManager::LeaveLock: Lock deleted
USERENV(484.4a0) 17:35:54:204 LoadUserProfile: Impersonated user: 000005fc, 00000620
USERENV(4c0.548) 17:35:54:204 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(4c0.548) 17:35:54:214 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(484.488) 17:35:54:214 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(484.4a0) 17:35:54:274 LoadUserProfile: Reverted to user: 00000000
USERENV(484.4a0) 17:35:54:274 LoadUserProfile: Reverted back to user <00000000>
USERENV(484.4a0) 17:35:54:274 LoadUserProfile: Leaving with a value of 1.
USERENV(484.4a0) 17:35:54:274 =========================================================
USERENV(484.4a0) 17:35:54:284 LoadUserProfileI: returning 0
USERENV(484.750) 17:35:54:284 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(4b4.4b8) 17:35:54:314 LoadUserProfile: Running as self
USERENV(4b4.4b8) 17:35:54:334 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(4b4.4b8) 17:35:54:344 LoadUserProfile:  Returning success.  Final Information follows:
USERENV(4b4.4b8) 17:35:54:344 lpProfileInfo->UserName = <LocalService>
USERENV(4b4.4b8) 17:35:54:344 lpProfileInfo->lpProfilePath = <>
USERENV(4b4.4b8) 17:35:54:344 lpProfileInfo->dwFlags = 0x9
USERENV(484.5b0) 17:35:54:354 IProfileSecurityCallBack: client authenticated.
USERENV(484.5b0) 17:35:54:354 ReleaseClientContext: Releasing context
USERENV(484.5b0) 17:35:54:354 ReleaseClientContext_s: Releasing context
USERENV(484.5b0) 17:35:54:354 MIDL_user_free enter
USERENV(4b4.4b8) 17:35:54:364 ReleaseInterface: Releasing rpc binding handle
USERENV(4b4.4b8) 17:35:54:364 LoadUserProfile: Returning TRUE. hProfile = <0x38c>
USERENV(4b4.4b8) 17:35:54:374 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(770.774) 17:35:54:424 LibMain: Process Name:  C:\WINDOWS\System32\svchost.exe
USERENV(204.26c) 17:35:56:978 LibMain: Process Name:  C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
USERENV(2d8.638) 17:35:57:298 LibMain: Process Name:  C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
USERENV(1e8.650) 17:35:57:438 LibMain: Process Name:  C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
USERENV(1f4.200) 17:35:58:500 LibMain: Process Name:  C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
USERENV(1d8.1e4) 17:35:58:540 LibMain: Process Name:  C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
USERENV(7d0.7f0) 17:35:59:752 LibMain: Process Name:  C:\WINDOWS\system32\spoolsv.exe
USERENV(364.368) 17:36:24:497 LibMain: Process Name:  C:\WINDOWS\System32\svchost.exe
USERENV(3ac.3b0) 17:36:24:948 LibMain: Process Name:  C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
USERENV(2cc.3e0) 17:36:26:260 LibMain: Process Name:  C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
USERENV(420.450) 17:36:27:151 LibMain: Process Name:  C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
USERENV(484.750) 17:36:37:045 ApplyGroupPolicy: Entering. Flags = f
USERENV(484.750) 17:36:37:045 ProcessGPOs:
USERENV(484.750) 17:36:37:055 ProcessGPOs:
USERENV(484.750) 17:36:37:055 ProcessGPOs:  Starting computer Group Policy (Async forground) processing...
USERENV(484.750) 17:36:37:065 ProcessGPOs:
USERENV(484.750) 17:36:37:065 ProcessGPOs:
USERENV(484.750) 17:36:37:075 EnterCriticalPolicySectionEx: Entering with timeout 600000 and flags 0x0
USERENV(484.750) 17:36:37:075 EnterCriticalPolicySectionEx: Machine critical section has been claimed.  Handle = 0x718
USERENV(484.750) 17:36:37:075 EnterCriticalPolicySectionEx: Leaving successfully.
USERENV(484.750) 17:36:37:085 ProcessGPOs:  Machine role is 2.
USERENV(484.750) 17:36:37:085 ProcessGPOs: The DC for domain xxxxxxxx is not available at startup. retrying
USERENV(484.750) 17:36:37:095 RetryDCContactAtMachineStartup: Enter.
USERENV(484.6f4) 17:36:37:506 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(484.488) 17:36:37:556 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(484.488) 17:36:37:566 =========================================================
USERENV(484.488) 17:36:37:566 LoadUserProfile: Entering, hToken = <0x6e4>, lpProfileInfo = 0x6e3e0
USERENV(484.488) 17:36:37:576 LoadUserProfile: lpProfileInfo->dwFlags = <0x0>
USERENV(484.488) 17:36:37:576 LoadUserProfile: lpProfileInfo->lpUserName = <Administrator>
USERENV(484.488) 17:36:37:576 LoadUserProfile: NULL central profile path
USERENV(484.488) 17:36:37:586 LoadUserProfile: lpProfileInfo->lpDefaultPath = <\\BHDC\netlogon\Default User>
USERENV(484.488) 17:36:37:596 LoadUserProfile: NULL server name
USERENV(484.488) 17:36:37:606 LoadUserProfile: In console winlogon process
USERENV(484.488) 17:36:37:606 In LoadUserProfileP
USERENV(484.488) 17:36:37:616 =========================================================
USERENV(484.488) 17:36:37:616 LoadUserProfile: Entering, hToken = <0x6e4>, lpProfileInfo = 0x6e3e0
USERENV(484.488) 17:36:37:626 LoadUserProfile: lpProfileInfo->dwFlags = <0x0>
USERENV(484.488) 17:36:37:626 LoadUserProfile: lpProfileInfo->lpUserName = <Administrator>
USERENV(484.488) 17:36:37:636 LoadUserProfile: NULL central profile path
USERENV(484.488) 17:36:37:636 LoadUserProfile: lpProfileInfo->lpDefaultPath = <\\BHDC\netlogon\Default User>
USERENV(484.488) 17:36:37:646 LoadUserProfile: NULL server name
USERENV(484.488) 17:36:37:646 LoadUserProfile: User sid: S-1-5-21-1801674531-1532298954-839522115-500
USERENV(484.488) 17:36:37:646 CSyncManager::EnterLock <S-1-5-21-1801674531-1532298954-839522115-500>
USERENV(484.488) 17:36:37:656 CSyncManager::EnterLock: No existing entry found
USERENV(484.488) 17:36:37:656 CSyncManager::EnterLock: New entry created
USERENV(484.488) 17:36:37:666 CHashTable::HashAdd: S-1-5-21-1801674531-1532298954-839522115-500 added in bucket 6
USERENV(484.488) 17:36:37:666 LoadUserProfile: Wait succeeded. In critical section.
USERENV(484.488) 17:36:37:676 RestoreUserProfile:  Entering
USERENV(484.488) 17:36:37:676 RestoreUserProfile:  User is a Admin
USERENV(484.488) 17:36:37:686 IsCentralProfileReachable:  Entering
USERENV(484.488) 17:36:37:686 IsCentralProfileReachable:  Null path.  Leaving
USERENV(484.488) 17:36:37:696 RestoreUserProfile:  Profile path = <>
USERENV(484.488) 17:36:37:696 ExtractProfileFromBackup:  A profile already exists
USERENV(484.488) 17:36:37:696 PatchNewProfileIfRequred: A profile already exists with the current sid, exitting
USERENV(484.488) 17:36:37:696 CreateLocalProfileKey:  Not setting additional Security
USERENV(484.488) 17:36:37:696 GetExistingLocalProfileImage:  Found entry in profile list for existing local profile
USERENV(484.488) 17:36:37:706 GetExistingLocalProfileImage:  Local profile image filename = <%SystemDrive%\Documents and Settings\administrator.xxxxxxxx>
USERENV(484.488) 17:36:37:706 GetExistingLocalProfileImage:  Expanded local profile image filename = <C:\Documents and Settings\administrator.xxxxxxx>
USERENV(484.488) 17:36:37:736 GetExistingLocalProfileImage:  No local mandatory profile.  Error = 2
USERENV(484.488) 17:36:37:736 GetExistingLocalProfileImage:  Found local profile image file ok <C:\Documents and Settings\administrator.xxxxxxx\ntuser.dat>
USERENV(484.488) 17:36:37:736 GetExistingLocalProfileImage:  Failed to query low profile unload time with error 2
USERENV(484.488) 17:36:37:746 Local Existing Profile Image is reachable
USERENV(484.488) 17:36:37:746 Local profile name is <C:\Documents and Settings\administrator.xxxxxxxx>
USERENV(484.488) 17:36:37:746 RestoreUserProfile:  No central profile.  Attempting to load local profile.
USERENV(484.488) 17:36:37:836 MyRegLoadKey: Returning 00000000
USERENV(484.488) 17:36:38:027 MyRegLoadKey: Returning 00000000
USERENV(484.488) 17:36:38:027 CreateClassHive: existing user classes hive found
USERENV(484.488) 17:36:38:037 RestoreUserProfile:  About to Leave.  Final Information follows:
USERENV(484.488) 17:36:38:037 Profile was successfully loaded.
USERENV(484.488) 17:36:38:037 lpProfile->lpRoamingProfile = <>
USERENV(484.488) 17:36:38:037 lpProfile->lpLocalProfile = <C:\Documents and Settings\administrator.xxxxxxxx>
USERENV(484.488) 17:36:38:037 lpProfile->dwInternalFlags = 0x100
USERENV(484.488) 17:36:38:047 RestoreUserProfile:  Leaving.
USERENV(484.488) 17:36:38:047 UpgradeProfile: Entering
USERENV(484.488) 17:36:38:047 UpgradeProfile: Build numbers match
USERENV(484.488) 17:36:38:047 UpgradeProfile: Leaving Successfully
USERENV(484.488) 17:36:38:077 Profile Ref Count is 1
USERENV(484.488) 17:36:38:077 LoadUserProfile: Leaving critical Section.
USERENV(484.488) 17:36:38:077 CSyncManager::LeaveLock <S-1-5-21-1801674531-1532298954-839522115-500>
USERENV(484.488) 17:36:38:087 CSyncManager::LeaveLock: Lock released
USERENV(484.488) 17:36:38:087 CHashTable::HashDelete: S-1-5-21-1801674531-1532298954-839522115-500 deleted
USERENV(484.488) 17:36:38:087 CSyncManager::LeaveLock: Lock deleted
USERENV(484.488) 17:36:38:087 LoadUserProfile: Impersonated user: 000006e4, 00000000
USERENV(484.488) 17:36:38:157 LoadUserProfile: Reverted to user: 00000000
USERENV(484.488) 17:36:38:157 LoadUserProfile: Leaving with a value of 1.
USERENV(484.488) 17:36:38:157 =========================================================
USERENV(484.488) 17:36:38:157 LoadUserProfile: LoadUserProfileP succeeded
USERENV(484.488) 17:36:38:167 LoadUserProfile:  Returning success.  Final Information follows:
USERENV(484.488) 17:36:38:167 lpProfileInfo->UserName = <Administrator>
USERENV(484.488) 17:36:38:167 lpProfileInfo->lpProfilePath = <>
USERENV(484.488) 17:36:38:167 lpProfileInfo->dwFlags = 0x0
USERENV(484.488) 17:36:38:167 LoadUserProfile: Returning TRUE. hProfile = <0x744>
USERENV(484.488) 17:36:38:577 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(484.dc) 17:36:38:587 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(484.488) 17:36:39:429 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(164.bc) 17:36:39:789 LibMain: Process Name:  C:\WINDOWS\system32\userinit.exe
USERENV(164.bc) 17:36:40:210 CheckXForestLogon: checking x-forest logon, user handle = 136
USERENV(164.bc) 17:36:40:300 CheckXForestLogon: not XForest logon.
USERENV(2d0.2fc) 17:36:40:701 LibMain: Process Name:  C:\WINDOWS\Explorer.EXE
USERENV(2d0.31c) 17:36:42:082 GetProfileType:  Profile already loaded.
USERENV(2d0.31c) 17:36:42:082 GetProfileType: ProfileFlags is 0
USERENV(2d0.31c) 17:36:42:153 GetProfileType:  Profile already loaded.
USERENV(2d0.31c) 17:36:42:153 GetProfileType: ProfileFlags is 0
USERENV(864.868) 17:36:46:869 LibMain: Process Name:  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
USERENV(888.920) 17:36:49:924 LibMain: Process Name:  C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
USERENV(964.968) 17:36:51:085 LibMain: Process Name:  C:\WINDOWS\system32\ctfmon.exe
USERENV(938.93c) 17:36:55:322 LibMain: Process Name:  C:\Program Files\Symantec Client Security\Symantec AntiVirus\DoScan.exe
USERENV(ac0.ac4) 17:36:56:233 LibMain: Process Name:  C:\WINDOWS\System32\WScript.exe
USERENV(b04.b08) 17:36:58:116 LibMain: Process Name:  C:\Program Files\xxxxxxxx\xxxxxx\ Server\BHServer.exe
USERENV(ac8.acc) 17:37:01:520 LibMain: Process Name:  C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
USERENV(720.6a0) 17:37:09:562 LibMain: Process Name:  C:\WINDOWS\System32\hkcmd.exe
USERENV(788.588) 17:37:09:562 LibMain: Process Name:  C:\WINDOWS\System32\igfxtray.exe
USERENV(bdc.be0) 17:37:11:745 LibMain: Process Name:  C:\WINDOWS\System32\wbem\wmiprvse.exe
USERENV(c84.c88) 17:37:17:023 LibMain: Process Name:  C:\WINDOWS\system32\wuauclt.exe
USERENV(4b4.844) 17:37:30:222 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(4b4.844) 17:37:30:222 =========================================================
USERENV(4b4.844) 17:37:30:232 LoadUserProfile: Entering, hToken = <0x570>, lpProfileInfo = 0xfff6ec
USERENV(4b4.844) 17:37:30:232 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(4b4.844) 17:37:30:232 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(4b4.844) 17:37:30:232 LoadUserProfile: NULL central profile path
USERENV(4b4.844) 17:37:30:232 LoadUserProfile: NULL default profile path
USERENV(4b4.844) 17:37:30:242 LoadUserProfile: NULL server name
USERENV(4b4.844) 17:37:30:242 GetInterface: Returning rpc binding handle
USERENV(484.40c) 17:37:30:242 IProfileSecurityCallBack: client authenticated.
USERENV(484.40c) 17:37:30:242 DropClientContext: Got client token 00000738, sid = S-1-5-18
USERENV(484.40c) 17:37:30:252 MIDL_user_allocate enter
USERENV(484.40c) 17:37:30:252 DropClientContext: load profile object successfully made
USERENV(484.40c) 17:37:30:252 DropClientContext: Returning 0
USERENV(4b4.844) 17:37:30:252 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(484.5b0) 17:37:30:252 IProfileSecurityCallBack: client authenticated.
USERENV(484.5b0) 17:37:30:262 In LoadUserProfileP
USERENV(484.5b0) 17:37:30:262 LoadUserProfile: Running as client
USERENV(484.5b0) 17:37:30:262 =========================================================
USERENV(484.5b0) 17:37:30:262 LoadUserProfile: Entering, hToken = <0x6d8>, lpProfileInfo = 0xe3cad0
USERENV(484.5b0) 17:37:30:272 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(484.5b0) 17:37:30:272 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(484.5b0) 17:37:30:272 LoadUserProfile: NULL central profile path
USERENV(484.5b0) 17:37:30:272 LoadUserProfile: NULL default profile path
USERENV(484.5b0) 17:37:30:272 LoadUserProfile: NULL server name
USERENV(484.5b0) 17:37:30:282 LoadUserProfile: User sid: S-1-5-19
USERENV(484.5b0) 17:37:30:282 CSyncManager::EnterLock <S-1-5-19>
USERENV(484.5b0) 17:37:30:282 CSyncManager::EnterLock: No existing entry found
USERENV(484.5b0) 17:37:30:282 CSyncManager::EnterLock: New entry created
USERENV(484.5b0) 17:37:30:282 CHashTable::HashAdd: S-1-5-19 added in bucket 12
USERENV(484.5b0) 17:37:30:292 LoadUserProfile: Wait succeeded. In critical section.
USERENV(484.5b0) 17:37:30:292 TestIfUserProfileLoaded:  Profile already loaded.
USERENV(484.5b0) 17:37:30:292 Profile Ref Count is 2
USERENV(484.5b0) 17:37:30:292 LoadUserProfile: Leaving critical Section.
USERENV(484.5b0) 17:37:30:292 CSyncManager::LeaveLock <S-1-5-19>
USERENV(484.5b0) 17:37:30:302 CSyncManager::LeaveLock: Lock released
USERENV(484.5b0) 17:37:30:302 CHashTable::HashDelete: S-1-5-19 deleted
USERENV(484.5b0) 17:37:30:302 CSyncManager::LeaveLock: Lock deleted
USERENV(484.5b0) 17:37:30:302 LoadUserProfile: Impersonated user: 000006d8, 00000890
USERENV(484.5b0) 17:37:30:302 LoadUserProfile: Reverted to user: 00000000
USERENV(484.5b0) 17:37:30:302 LoadUserProfile: Reverted back to user <00000000>
USERENV(484.5b0) 17:37:30:312 LoadUserProfile: Leaving with a value of 1.
USERENV(484.5b0) 17:37:30:312 =========================================================
USERENV(484.5b0) 17:37:30:312 LoadUserProfileI: returning 0
USERENV(4b4.844) 17:37:30:312 LoadUserProfile: Running as self
USERENV(4b4.844) 17:37:30:322 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(4b4.844) 17:37:30:322 LoadUserProfile:  Returning success.  Final Information follows:
USERENV(4b4.844) 17:37:30:322 lpProfileInfo->UserName = <LocalService>
USERENV(4b4.844) 17:37:30:322 lpProfileInfo->lpProfilePath = <>
USERENV(4b4.844) 17:37:30:332 lpProfileInfo->dwFlags = 0x9
USERENV(484.4a0) 17:37:30:332 IProfileSecurityCallBack: client authenticated.
USERENV(484.4a0) 17:37:30:332 ReleaseClientContext: Releasing context
USERENV(484.4a0) 17:37:30:332 ReleaseClientContext_s: Releasing context
USERENV(484.4a0) 17:37:30:332 MIDL_user_free enter
USERENV(4b4.844) 17:37:30:342 ReleaseInterface: Releasing rpc binding handle
USERENV(4b4.844) 17:37:30:342 LoadUserProfile: Returning TRUE. hProfile = <0x55c>
USERENV(4b4.844) 17:37:30:342 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(f1c.f20) 17:37:30:702 LibMain: Process Name:  C:\WINDOWS\System32\alg.exe
USERENV(484.750) 17:37:38:444 RetryDCContactAtMachineStartup:  Tried to call GetDomainControllerInfo 30 times.
USERENV(484.750) 17:37:38:444 RetryDCContactAtMachineStartup:  Exit with status 1355.
USERENV(484.750) 17:37:38:444 ProcessGPOs: The DC for domain xxxxxxx is not available after retries.
USERENV(484.750) 17:37:38:444 ProcessGPOs: The DC for domain xxxxxxx is not available. aborting
USERENV(484.750) 17:37:38:504 ProcessGPOs: No WMI logging done in this policy cycle.
USERENV(484.750) 17:37:38:514 ProcessGPOs: Processing failed with error 1355.
USERENV(484.750) 17:37:38:524 LeaveCriticalPolicySection: Critical section 0x718 has been released.
USERENV(484.750) 17:37:38:524 ProcessGPOs: Computer Group Policy has been applied.
USERENV(484.750) 17:37:38:524 ProcessGPOs: Leaving with 0.
USERENV(484.750) 17:37:38:534 ApplyGroupPolicy: Leaving successfully.
USERENV(484.dc) 17:37:38:534 ApplyGroupPolicy: Entering. Flags = e
USERENV(484.dc) 17:37:38:534 ProcessGPOs:
USERENV(484.dc) 17:37:38:534 ProcessGPOs:
USERENV(484.dc) 17:37:38:544 ProcessGPOs: Starting user Group Policy (Async forground) processing...
USERENV(484.dc) 17:37:38:544 ProcessGPOs:
USERENV(484.dc) 17:37:38:544 ProcessGPOs:
USERENV(484.dc) 17:37:38:544 EnterCriticalPolicySectionEx: Entering with timeout 600000 and flags 0x0
USERENV(484.dc) 17:37:38:544 EnterCriticalPolicySectionEx: User critical section has been claimed.  Handle = 0x84c
USERENV(484.dc) 17:37:38:544 EnterCriticalPolicySectionEx: Leaving successfully.
USERENV(484.dc) 17:37:38:554 ProcessGPOs:  Machine role is 2.
USERENV(484.dc) 17:37:38:554 ProcessGPOs: The DC for domain xxxxxx  is not available. aborting
USERENV(484.dc) 17:37:38:554 ProcessGPOs: No WMI logging done in this policy cycle.
USERENV(484.dc) 17:37:38:554 ProcessGPOs: Processing failed with error 1355.
USERENV(484.dc) 17:37:38:564 LeaveCriticalPolicySection: Critical section 0x84c has been released.
USERENV(484.dc) 17:37:38:564 ProcessGPOs: User Group Policy has been applied.
USERENV(484.dc) 17:37:38:564 ProcessGPOs: Leaving with 0.
USERENV(484.dc) 17:37:38:564 ApplyGroupPolicy: Leaving successfully.
USERENV(484.740) 17:37:38:884 GPOThread:  Next refresh will happen in 114 minutes
USERENV(c5c.c58) 17:37:39:265 LibMain: Process Name:  C:\WINDOWS\system32\userinit.exe
USERENV(4c0.4e0) 17:37:50:150 ImpersonateUser: Failed to impersonate user with 5.
USERENV(4c0.4e0) 17:37:50:150 GetUserNameAndDomain Failed to impersonate user
USERENV(4c0.4e0) 17:37:50:160 ImpersonateUser: Failed to impersonate user with 5.
USERENV(4c0.4e0) 17:37:50:160 GetUserDNSDomainName: Failed to impersonate user
USERENV(2f0.2f4) 17:37:50:351 LibMain: Process Name:  C:\WINDOWS\system32\rundll32.exe
USERENV(914.92c) 17:38:03:059 LibMain: Process Name:  C:\WINDOWS\system32\NOTEPAD.EXE
0
 
LVL 1

Expert Comment

by:grigory7811
ID: 16982538
1. on one of affected computers type in command-line "ipconfig /all" and check that your DNS domain name is first in DNS Suffix Search List
2. on one of affected computers type in command-line "nslookup your-domain-dns-name" and check that all returned addresses points only to your DCs
0
 
LVL 1

Expert Comment

by:grigory7811
ID: 16982558
3. on one of affected computers type in command-line "ipconfig /all" and check that all DNS Servers points only to your DCs
0
 
LVL 1

Author Comment

by:ddh76
ID: 16983201
1.  All fine.
2. There are 3 addresses, one of which points to an APIPA address?  169.254.x.x? The other addresses are the 2 DCs.
3.  Fine.

Any thoughts?

0
 
LVL 1

Author Comment

by:ddh76
ID: 16983242
Incidentally, what is the difference between a USERDOMAIN and a USERDNSDOMAIN...?
0
 
LVL 1

Expert Comment

by:grigory7811
ID: 16984060
1. go to DNS snap-in
2. expand Forward Lookup Zones, right-click on your-domain-dns-name , go to Name Servers tab and remove any entries except your DCs
3. expand your-domain-dns-name , remove any entries "{same is parent folder} Host (A) x.x.x.x" except that points on your DCs
4. wait 20 minutes for replica or replicate domain manualy
5. on one of affected computers type in command-line "nslookup your-domain-dns-name" and check that all returned addresses points only to your DCs
6. if all Ok restart affected computer and check application log


USERDOMAIN is NETBIOS name of your domain
USERDNSDOMAIN is DNS name of your domain
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 16986969
Hello DDH76,

Problems in your log are here;
USERENV(484.750) 17:36:37:085 ProcessGPOs: The DC for domain xxxxxxxx is not available at startup. retrying
USERENV(484.750) 17:37:38:444 RetryDCContactAtMachineStartup:  Tried to call GetDomainControllerInfo 30 times
USERENV(484.750) 17:37:38:444 RetryDCContactAtMachineStartup:  Exit with status 1355.
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 16986985
USERENV(484.750) 17:37:38:444 ProcessGPOs: The DC for domain xxxxxxx is not available after retries.
USERENV(484.750) 17:37:38:444 ProcessGPOs: The DC for domain xxxxxxx is not available. aborting
USERENV(484.750) 17:37:38:504 ProcessGPOs: No WMI logging done in this policy cycle.
This problem may occur if the Group Policy engine or Active Directory times out while it waits for the network to start. A race condition may occur between the TCP/IP protocol and the network adaptor driver when they try to register with the Microsoft Network Driver Interface Specification (NDIS). If the TCP/IP protocol registers with NDIS before the network adaptor driver, for a short time it prompts higher user mode networking components that network connectivity is not available. During this short time, the Group Policy startup script cannot be downloaded.
This problem is more likely to occur on fast networks that use 1 gigahertz (GHz) network adaptors or in teaming environments where the network takes several additional cycles to negotiate link speed.

Click here for solution > http://support.microsoft.com/kb/840669
Engineer_Dell
0
 
LVL 1

Author Comment

by:ddh76
ID: 16990510
I have downloaded this fix and it is already a part of Windows XP SP2 which all the client machines have isn't it?

Any other ideas?
0
 
LVL 1

Expert Comment

by:grigory7811
ID: 16990920
Have you fixed DNS issues?

0
 
LVL 1

Expert Comment

by:grigory7811
ID: 16990946
I had many problems with domain infrastructure when firewalling enabled between DC and user's computer
Try to disable Symantec Firewall on affected computer, restart computer and check application log

0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 1

Author Comment

by:ddh76
ID: 16991097
DNS issues fixed.  I have disabled the firewall and I still get the error in Event Viewer that says that there is no Domain Controller available.

Any further ideas?
0
 
LVL 1

Author Comment

by:ddh76
ID: 16991102
In any case, surely you need a Firewall on client PCs?
0
 
LVL 9

Expert Comment

by:bigjimbo813
ID: 16994868
firewalls on client machines help prevent an outbreak of internal virus's. Yet they can cause more administrative overhead if not properly configured.
0
 
LVL 9

Expert Comment

by:bigjimbo813
ID: 16994875
i thought my initial post resolved your issue?
0
 
LVL 1

Author Comment

by:ddh76
ID: 16999668
Well, I want to know why the Group Policies aren't being loaded on login to the Network?
0
 
LVL 1

Author Comment

by:ddh76
ID: 16999682
Anyway, I have disabled the firewall and the Group Policies are still not being applied so it can't be/unlikely to be the firewall surely?
0
 
LVL 1

Expert Comment

by:grigory7811
ID: 17000354
Find the netdiag tool in Support Tolls for your Windows version of user's PC. Support Tools is in SUPPORT\TOOLS folder on Windows Setup CD
Run this tool on one of affected computer as follows:
netdiag /q /d:your-domain-dns-name

Send me netdiag.log  
0
 
LVL 9

Expert Comment

by:bigjimbo813
ID: 17000586
Are the machines not recieving the objects random, or do they seem to fall down one side of your AD structure
0
 
LVL 9

Expert Comment

by:bigjimbo813
ID: 17000601
Also one more thing. Verify the GPO refresh interval. It should be around 20 minutes.

http://support.microsoft.com/default.aspx?scid=kb;en-us;203607
0
 
LVL 1

Author Comment

by:ddh76
ID: 17001928


    Computer Name: BH021
    DNS Host Name: BH021.xxxxxx.co.uk
    System info : Windows 2000 Professional (Build 2600)
    Processor : x86 Family 6 Model 13 Stepping 8, GenuineIntel
    List of installed hotfixes :
        KB873339
        KB883939
        KB885250
        KB885835
        KB885836
        KB885855
        KB886185
        KB887472
        KB887742
        KB888113
        KB888302
        KB888310
        KB890046
        KB890175
        KB890859
        KB891781
        KB893066
        KB893756
        KB893803v2
        KB894391
        KB896358
        KB896422
        KB896423
        KB896424
        KB896428
        KB896688
        KB898461
        KB899587
        KB899589
        KB899591
        KB900725
        KB901017
        KB901214
        KB902400
        KB904706
        KB905414
        KB905749
        KB910437
        KB912919
        KB915865
        Q147222
    [WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets.
    [WARNING] The net card '3Com 3CRPAG175 Wireless LAN PC Card - Packet Scheduler Miniport' may not be working.
    [WARNING] The net card 'Deterministic Networks WAN Virtual miniport' may not be working because it has not received any packets.
    [WARNING] The net card '3Com 3CRPAG175 Wireless LAN PC Card - Deterministic Network Enhancer Miniport' may not be working.
    [WARNING] The net card '3Com 3CRPAG175 Wireless LAN PC Card' may not be working.



Per interface results:

    Adapter : Local Area Connection 2

        Host Name. . . . . . . . . : BH021.xxxxxxxx.co.uk
        IP Address . . . . . . . . : 192.168.0.155
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.0.250
        Primary WINS Server. . . . : 192.168.0.6
        Dns Servers. . . . . . . . : 192.168.0.6



    Adapter : Wireless Network Connection 2

        Netcard queries test . . . : Failed
        NetCard Status:          DISCONNECTED
            Some tests will be skipped on this interface.

        Host Name. . . . . . . . . : BH021
        IP Address . . . . . . . . : 0.0.0.0
        Subnet Mask. . . . . . . . : 0.0.0.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . :



Global results:
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.

IP Security test . . . . . . . . . : Skipped


The command completed successfully
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17004474
> It is pointing towards itself for WINS, yet the WINS test failed. Check
to see if the server is up.
> It is pointing towards itself for DNS, maybe you've got an Island DNS
situation? Point all the Win2K DCs towards the same DC for Primary DNS.
See http://support.microsoft.com/kb/275278/
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036
 > The odds are that you're also having replication issues, run "repadmin
/showreps" to see this.
* A "netdiag /v" is also more helpfull for describing what is erroring for
the tests that are failing.
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17004547
Also, for the clients who cannot apply a GPO, make sure that ICMP isn't being blocked between them and the DC. The Netdiag from the DC shows some
things, but the application log on the machines not getting GPOs will tell more. Are you seeing SceCli 1202's and UserENV 1000's? If so, what is the
errors listed in the text of those errors? If you run "gpotool /verbose" on one of the DCs, do you see version mismatch errors between the DC's SYSVOL
versions?

The file MPSRPT_DIRSVC.exe from
http://www.microsoft.com/downloads/details.aspx?FamilyID=cebf3c7c-7ca5-408f-88b7-f9c79b7306c0&DisplayLang=en
will run many of the tools (gpotool, netdiag, dcdiag, repadmin, etc.) that are often helpfull for finding the cause of GPOs not applying. This is what
the folks from PSS would use to collect a snapshot of the system to help identify the problem. The results of the tests will be written to
%systemroot%\mpsreports\dirsvc\logs (usually C:\winnt\mpsreports\dirsvc\logs on a Win2K system).

Regards,
Engineer_Dell
0
 
LVL 1

Author Comment

by:ddh76
ID: 17030028
ICMP is not being blocked on the firewall.  I have double checked this.  

I am not seeing SceCli 1202s OR UserENV 1000s unfortunately.

I have run the MPSRPT_DIRSVC.exe tool - there aren't any mismatch errors in the gpotool.exe log.  Shall I run this on both DCs or will just one do?
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17030532
Well
I guess just one will do...

Engineer_Dell
0
 
LVL 1

Author Comment

by:ddh76
ID: 17030672
And which report do you want to see?
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17032430
C:\winnt\mpsreports\dirsvc\logs
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17033860
Hello DDH76,
Before you post the logs, let me ask you these to checklist that we have not missed any possible solution,

1. Try to access the sysvol with \\computername\sysvol or \\domainname\sysvol\  I mean access the Sysvol share on both the Child.domain.com and Domain.com ?

2. What about DFS Client is it running ?

3. What about SMB Signing ? If use SMB signing, you must either enable it or disable it on both the SMB client and the SMB server,
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/568.mspx?mfr=true

4. Do you use ipsec anywhere? if yes then disable it.

5. If you have Media sense on trouble clients, then Disable it,
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableDHCPMediaSenseo     set the value to "1"
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17033951
On Windows XP Service Pack 2 clients, you must add the GpNetworkStartTimeoutPolicyValue registry entry. This entry defines the number of seconds to wait before trying to run the Group Policy startup script again. To find the value that will work for your configuration, define a decimal value of 60, and then increase the value until the problem is resolved. To add the registry entry and to define the value, follow these steps:
1. Click Start, click Run, type regedit, and then click OK.
2. Expand the following subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
3. Right-click Winlogon, point to New, and then click DWORD Value.
4. To name the new entry, type GpNetworkStartTimeoutPolicyValue, and then press ENTER.
5. Right-click GpNetworkStartTimeoutPolicyValue, and then click Modify.
6. Under Base, click Decimal.
7. In the Value data box, type 60, and then click OK.
8. Close Registry Editor, and then restart your computer.
9. If the Group Policy startup script does not run, increase the value of the GpNetworkStartTimeoutPolicyValue registry entry.
>>>DDH76, IF YOU HAVE NOT DONE ABOVE STEPS ON CLIENT MACHINE PLEASE TEST IT ON ATLEAST ONE MACHINE
Refer,
http://support.microsoft.com/kb/840669
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17033989
7. Check policy folders for the Internet Connection Firewall, Windows Firewall, and Folder redirection are in the SYSVOL folder. You recreate the three folders manually also.

8. Have you tried Loopback processing of Group Policy ?
 http://support.microsoft.com/Default.aspx?id=231287

Please answer above questions, so that we can resolve it today,

Regards,
Engineer_Dell
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17033999
0
 
LVL 1

Author Comment

by:ddh76
ID: 17035870
Ok, I have changed the GpNetworkStartTimeoutPolicyValue to 120 and, currently, it appears to be working on my machine.  I am going to try it on others now...  However, I do not get a "GPOs applied succesfully" event in Event Viewer?
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17035930
Lets go step by step...there could be various reasons that why u r not getting "GPO applied successfully"

All the best !!

Engineer_Dell
0
 
LVL 1

Author Comment

by:ddh76
ID: 17036110
Ok, I have done ALL of the above and it does seem to work now but I am still not getting GPOs applied succesfully.
0
 
LVL 6

Expert Comment

by:engineer_dell
ID: 17036181
Great !!

Do you see any error in event log ?? Now may try removing and re-applying policies one by one ...

Regards,

Engineer_Dell
0
 
LVL 1

Author Comment

by:ddh76
ID: 17054282
No errors in the Event Log anymore.  Thanks.

Do I need to alter this registry key on to the domain controllers too?

0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
You ever wonder how to backup Linux system files just like Windows System Restore?  Well you can use Timeshift in Linux to perform those similar action.  This tutorial will show you how to backup your system files and keep regular intervals. Note…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now