Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Group Policy Error: the file.. not a valid format

Posted on 2007-04-10
11
Medium Priority
?
4,578 Views
Last Modified: 2011-10-03
Hello Experts. Here’s a doosey
I have a Group Policy in which I cannot access via Group Policy Management.
when I attempt to edit the GP in question, I get an error message saying "Failed to open the group policy Object.  you may not have the appropriate rights.... Details: Unspecified Error"
After examining the Group Policy Management (admin tools) I noticed under the [Settings] tab of the problematic GP that under User configuration/administrative templates/   there is a message indicating:

An Error has occurred while collecting data for Administrative Templates

The following errors were encountered:
The file "\\jordanNTHS.jdnnths.lausd.net\SysVol\jdnnths.lausd.net\Policies\{99A9DE20-358D-49EC-8576-65E91777ECCB}\User\registry.pol" is not in a valid format.
The file might be corrupt.
Use Group Policy Object Editor to reconfigure the settings in this extension.


I anticipate the problem stemmed from my attempting to do a GP modification.. the MMC hung up, so I quit the app. After which the problems started happening.
I googled the problem and found some information that indicated looking at ADSIEDIT.MSC path of <doman>/CN=system,CN=Policies    but I cannot tell where the error is coming from. I suspect (not that I know anything regarding) that the registry.pol file is the problem. If this is the case, can it be repaired w/out having to reconfigure my Group Policy all over again? This GP is not a default domain policy. It s is for particular OU located under Domain/Users in AD.

Infrast:   Workstations: WinXP,sp2      PDC: Server 2003, SP1 (I only have one Domain Controller.. however its also doing file servicing)

Thanks!
0
Comment
Question by:computerguy79
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
11 Comments
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18886162
I don't wish to rain on your parade, but the only way I'm aware of to recover from that error is to restore the GPO from backup.

Though it'll be shutting the barn door after the horse has already gone out if you're not already doing backups, here's a tutorial on backing up and restoring GPOs using the Group Policy Management Console: http://www.windowsecurity.com/articles/Backing-up-Restoring-GPOs-using-GPMC.html
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18886174
computerguy79,

agreed, sounds like your policy has kicked the bucket...though i wonder if the permissions problem may be coming from the actual policy file in the SYSVOL folder.....bit of a long shot but hey

Regards,

James
0
 
LVL 1

Author Comment

by:computerguy79
ID: 18886302
If i have to resort to a back up, that won't be too bad. problem is remembering where I saved it.
Also, I notice that if I remove the registry.pol file from the policies user folder, then open up GPMC the policy is editable. It seems the only affected policy settings are the ones under administrative templates. If thats the case, I'll just restore the settings as I've had them. I've been smart enough to make printouts of the GP modifications as I've been doing them for the last month. Wheeew. that would have sucked. Just for verification from the experts, If I remove the registry.pol file and do a modification to the GP in question, AD will create a new registry.pol file and put it in its (the old one's) place, right?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18886326
I -believe- that the GP Editor will just create a blank registry.pol, yes.  Never tried it, though, so I can't speak to a 100% certainty.  (And if it doesn't work, your worst-case is that you're back to restoring from backup, which you have the means to do anyway.)
0
 
LVL 1

Author Comment

by:computerguy79
ID: 18886378
absolutely. In fact, I just rolled back the 'bad' GP just before my last post. Funny thing it that the GP is active and enforcing policies.. I just can't edit it.
I'll do the modification on Thurs. If it works, I'll comment on it.
0
 
LVL 1

Author Comment

by:computerguy79
ID: 18936414
update: I have recently completed MANUALLY creating a new GP modeled off the old.
Plan on Deploying on Monday. One I do so, I 'm going to copy the registry.pol to the old GP and see if it works. Keep your toes X'd!
0
 
LVL 1

Author Comment

by:computerguy79
ID: 18962605
Good news.. IT WORKS!
I finally got around to finishing and deploying my newly created GP. It is identical if not better than the original one I created. The good news of course is that a direct copy of the SYSVOl/<domain>/Policies/{GUID}/User/Registry.pol file fixed the corruption of the old GPO
Apparently everything else ties in seamlessly, yet  while this method worked for me and at this point is usless seeing as how I've configure a whole new GPO that can just be renamed to that of the old one, I just wanted to give an update of my success.
0
 
LVL 1

Accepted Solution

by:
computerguy79 earned 0 total points
ID: 18989577
Vee Mod:
As I stated in my last comment, the solution was to create a new Group Policy Object, configure it as desired, then I copied the registry.pol file to the directory: SYSVOl/<domain>/Policies/{GUID}/User/
My comment to all who participated was that, apparently everything else associated with the new GP ties in seamlessly(folders of templates, adms, etc).
If all is well and there are no discrepancies, I'd like to change this post to a "PAQ and Refund"
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question