Dont want to load GPOs on AD server

Ok,

I have a problem with some GPOs and im not able to find where the problem is from. I have an error in event viewer every 10min

Userenv
Description :
Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

I would like to know if theres a way to not load any gpos on my server. Is it possible or I will screw my only ad server.

Is there any tools that debug gpos, so I can find whats the problem.

Because since I have this message, my server is really slow

Do you think a repair from the cd would fix this problem? I've looked on the internet and tried mostly all solutions and im kinda desperate.

Any help will be appreciated.
DeNzMoRAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AnthonyP9618Commented:
Do this...

Run gpresult > C:\gpresult.txt from a command prompt window.  Once complete, open up the gpresult.txt file in the root of C.  This should show the list of applied and filtered Group Policies for this server.  We're going to focus on the list of applied Group Policies.

Create a new Global Security Group in AD called MemberServer-NoGPO (or whatever you want).  Open up Group Policy and find the Group Policies that we found were applying to the server we ran gpresult on.  In each of these policies we want to add the MemberServer-NoGPO into the Security of Group policy.  Once added, check DENY for Apply Group Policy (should be the last entry).  Repeat this process for each Group Policy that is being applied to our target server.  Once complete, add the server into this group.  Ensure that you force or wait for repliaction occur for all DCs in the site.

On the target server, perform a GP force.. type gpupdate /force from a command prompt on the target server to force group policy updates.

Re-run the gpresult command above and compare the output to the previously generated file.  If the securities took, there should be no group policies applying to this server.  In fact, you should see that group policies that once were applying to the server have now been filtered out by Security.

From there you should be able to enable a single GPO at a time by removing the security group in the GP, forcing replication amoung the DCs and forcing a GPupdate on the target server.  

Hope that helps.
life_jCommented:
DeNzMoRAuthor Commented:
life_j I tried that and its not working.

Thanks Anthony, I will try this asap and keep you in touch.
Build an E-Commerce Site with Angular 5

Learn how to build an E-Commerce site with Angular 5, a JavaScript framework used by developers to build web, desktop, and mobile applications.

Bradley FoxLAN/WAN Systems AdministratorCommented:
If you do not want the GPOs applied to a specific server just edit the security of the GPOs and add the servername (you will have to select types and check off computers) then check the Deny box next to apply Policy for the server.
Stephen MandersonSoftware EngineerCommented:
Hi there, hope this may be of help to you, similar to the link above, but has other options to fix this problem.

http://www.eventid.net/display.asp?eventid=1090&eventno=1881&source=Userenv&phase=1

Regards
Steve

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DeNzMoRAuthor Commented:
I tried the gpresult and it tooks like 5 min and after that I got this error messager

server execution failed.....
DeNzMoRAuthor Commented:
MrManderson
Ive seen this page and nothing is working....
DeNzMoRAuthor Commented:
I have several dcom errors in event viewer also

The server {000C101C-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

The server {BA126AE5-2166-11D1-B1D0-00805FC1270E} did not register with DCOM within the required timeout.
Stephen MandersonSoftware EngineerCommented:
The First GUID is an error with the Microsoft Installer.
http://support.microsoft.com/kb/309282/en-us

The Second has to do with the RPC
http://support.microsoft.com/kb/839880/en-us

The thirds one I cant seem to find any info on

This may help fix some of you're com issues
http://support.microsoft.com/kb/910730/

I will look into you're RSoP error more

DeNzMoRAuthor Commented:
I re-register msiintaller and now Im able to uninstall programs.

Bradley FoxLAN/WAN Systems AdministratorCommented:
Is this server running Terminal Services?
http://support.microsoft.com/?kbid=873375

This is probably stupid but did you try a gpupdate /force ?
Stephen MandersonSoftware EngineerCommented:
Im not a big fan of posting links to other experts answers but this may be of use to help you solve it quicker.

http://www.experts-exchange.com/Networking/Microsoft_Network/Q_21126829.html?query=1090+userenv&clearTAFilter=true

Bradley FoxLAN/WAN Systems AdministratorCommented:
Everything always seems to come back to DNS so I would try just for the heck of it.

Make sure primary DNS on the offending DC is pointing at itself and it's running DNS with a AD integrated zone hosting your domain.

Stop and start the netlogon service.
DeNzMoRAuthor Commented:
yeah I had ts server running but I uninstall it and even the ts server licensing. I tried gpupdate /force many times
when I was runnign the mof-thing command line
Stephen MandersonSoftware EngineerCommented:
You should consult with microsoft they may have non published tools that may sort this problem.

Regards
Steve
Bradley FoxLAN/WAN Systems AdministratorCommented:
I would suggest calling Microsoft to obtain the hotfix that is explained in the link from my previous post.
DeNzMoRAuthor Commented:
theres no way it can be a dns problem.
Bradley FoxLAN/WAN Systems AdministratorCommented:
I was referring to the hotfix from this post:

Is this server running Terminal Services?
http://support.microsoft.com/?kbid=873375
DeNzMoRAuthor Commented:
ive noticed theres some memory leak with svchost.exe (SYSTEM)
its taking 800mb atm.. Ill try uninstall my antivirus program.
DeNzMoRAuthor Commented:
Only repairing windows 2003 solved the problem. But im going to give the points to MrAnderson since he helped me the most.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.