Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Group Policy error message appearing on all workstation and servers in the domain

Posted on 2008-06-09
7
Medium Priority
?
2,050 Views
Last Modified: 2012-06-27
Group Policies seem to be working and domain controllers are replicating (GPOtool.exe), but workstations and servers are showing the event ID 1085 error whenever Group Policies refresh.  
Would love to get rid of this error.  The Userenv log indicates that the error occurs when processing the Default Domain Policy (see below).  In addition, the log lists that the RSOP entry point cannot be found for any of the .dll files.  I re-registered the .dll files on my workstation.  All but appmgmts.dll can be registerded (error is that no entry point can be found).  Below is a portion of the Userenv log that indicates the actual error message.  Any help or pointers in the right direction in terms of troubleshooting this nagging issue would be most appreciated.   USERENV(254.880) 11:50:53:886 ProcessGPOs: -----------------------
USERENV(254.a90) 11:50:53:886 ProcessGPOs: Processing extension Scripts
USERENV(254.880) 11:50:53:886 ReadStatus: Read Extension's Previous status successfully.
USERENV(254.a90) 11:50:53:901 CompareGPOLists:  The lists are the same.
USERENV(254.880) 11:50:53:901 CompareGPOLists:  Different entries found.
USERENV(254.a90) 11:50:53:901 CheckGPOs: No GPO changes but called in force refresh flag or extension Scripts needs to run force refresh in foreground processing
USERENV(254.880) 11:50:53:901 ProcessGPOList: Entering for extension Scripts
USERENV(254.a90) 11:50:53:917 ProcessGPOList: Entering for extension Scripts
USERENV(254.880) 11:50:53:933 LogExtSessionStatus: Successfully logged Extension Session data
USERENV(254.a90) 11:50:53:948 LogExtSessionStatus: Successfully logged Extension Session data
USERENV(254.880) 11:50:54:042 ProcessGPOList: Extension Scripts returned 0x2.
USERENV(254.880) 11:50:54:058 ProcessGPOList: Extension Scripts was able to log data. RsopStatus = 0x0, dwRet = 2, Clearing the dirty bit
USERENV(254.880) 11:50:54:073 ProcessGPOs: Extension Scripts ProcessGroupPolicy failed, status 0x2.
0
Comment
Question by:GilardiCo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:GilardiCo
ID: 21746305
An additional comment on my issue:   Running the RSOP I am getting an error message on the computer configuration summary under component status.  It is saying that a script is failing - The system cannot find the file.  I currently have only 1 script running on the computer side of things that changes the local admin user name.  I have deleted this policy and still get the error message.  Placed all my scripts in the Netlogon folder.  Rights to access the scripts seem to be ok.  Is my issue at the local policy level relative to client-side extensions?
0
 
LVL 22

Expert Comment

by:dan_blagut
ID: 21758951
0
 

Author Comment

by:GilardiCo
ID: 21762292
Dan, many thanks for the article.  In reading it, I decided to do a thorough check of all our group policies as they are set up physically on our Domain Controller. One thing I noticed is is that in my default domain policy in the User configuration section there is a Script.ini file (with nothing in it).  I think this is because at one time we had a script running in the default domain policy and decided to remove that script and create a separate policy for it.  Since there is no longer any script configured for the default domain policy would this empty script.ini file possibly be the culprit for the error messages we are getting?  If so, should I remove the script.ini file since there is no script that it is associated with it?  Any further advice at this point would be most helpful.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 22

Expert Comment

by:dan_blagut
ID: 21768244
Hi
I checked our sysvol but I can't find any script.ini file. So before to delete anything search on Microsoft site the GPMC( if you don't have already). In the Program files\GPMC folder you will see some good scripts. The first you need to use is BackupAllGPO.
Then you can play with, because there you have RestoreGPO for undo.
Anyway sometime backupAllGPO folowed by RestoreAllGPO can do miracle.
Just try it.

DaN
0
 

Author Comment

by:GilardiCo
ID: 21774611
Thx Dan.  I backed up my GPO's and removed the empty scripts.ini file from the Default Domain Policy.  No changes to report unfortunately.
0
 
LVL 22

Expert Comment

by:dan_blagut
ID: 21777603
If you have a good backup now you can delete all policys, and then recreate. Or restore from backup
0
 

Accepted Solution

by:
GilardiCo earned 0 total points
ID: 22388670
The fix for the issue turned out to be reinstalling a script in the default domain policy computer configuration startup section that I had previously removed and put in a separate GPO.  Am guessing that I initially made changes in the GPOs without waiting enough time for replication between domain controllers to occur. For whatever reason, it turned out that the Default Domain Policy was looking for that script even though it had been removed.  Case closed.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question