Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2059
  • Last Modified:

Group Policy error message appearing on all workstation and servers in the domain

Group Policies seem to be working and domain controllers are replicating (GPOtool.exe), but workstations and servers are showing the event ID 1085 error whenever Group Policies refresh.  
Would love to get rid of this error.  The Userenv log indicates that the error occurs when processing the Default Domain Policy (see below).  In addition, the log lists that the RSOP entry point cannot be found for any of the .dll files.  I re-registered the .dll files on my workstation.  All but appmgmts.dll can be registerded (error is that no entry point can be found).  Below is a portion of the Userenv log that indicates the actual error message.  Any help or pointers in the right direction in terms of troubleshooting this nagging issue would be most appreciated.   USERENV(254.880) 11:50:53:886 ProcessGPOs: -----------------------
USERENV(254.a90) 11:50:53:886 ProcessGPOs: Processing extension Scripts
USERENV(254.880) 11:50:53:886 ReadStatus: Read Extension's Previous status successfully.
USERENV(254.a90) 11:50:53:901 CompareGPOLists:  The lists are the same.
USERENV(254.880) 11:50:53:901 CompareGPOLists:  Different entries found.
USERENV(254.a90) 11:50:53:901 CheckGPOs: No GPO changes but called in force refresh flag or extension Scripts needs to run force refresh in foreground processing
USERENV(254.880) 11:50:53:901 ProcessGPOList: Entering for extension Scripts
USERENV(254.a90) 11:50:53:917 ProcessGPOList: Entering for extension Scripts
USERENV(254.880) 11:50:53:933 LogExtSessionStatus: Successfully logged Extension Session data
USERENV(254.a90) 11:50:53:948 LogExtSessionStatus: Successfully logged Extension Session data
USERENV(254.880) 11:50:54:042 ProcessGPOList: Extension Scripts returned 0x2.
USERENV(254.880) 11:50:54:058 ProcessGPOList: Extension Scripts was able to log data. RsopStatus = 0x0, dwRet = 2, Clearing the dirty bit
USERENV(254.880) 11:50:54:073 ProcessGPOs: Extension Scripts ProcessGroupPolicy failed, status 0x2.
0
GilardiCo
Asked:
GilardiCo
  • 4
  • 3
1 Solution
 
GilardiCoAuthor Commented:
An additional comment on my issue:   Running the RSOP I am getting an error message on the computer configuration summary under component status.  It is saying that a script is failing - The system cannot find the file.  I currently have only 1 script running on the computer side of things that changes the local admin user name.  I have deleted this policy and still get the error message.  Placed all my scripts in the Netlogon folder.  Rights to access the scripts seem to be ok.  Is my issue at the local policy level relative to client-side extensions?
0
 
dan_blagutCommented:
0
 
GilardiCoAuthor Commented:
Dan, many thanks for the article.  In reading it, I decided to do a thorough check of all our group policies as they are set up physically on our Domain Controller. One thing I noticed is is that in my default domain policy in the User configuration section there is a Script.ini file (with nothing in it).  I think this is because at one time we had a script running in the default domain policy and decided to remove that script and create a separate policy for it.  Since there is no longer any script configured for the default domain policy would this empty script.ini file possibly be the culprit for the error messages we are getting?  If so, should I remove the script.ini file since there is no script that it is associated with it?  Any further advice at this point would be most helpful.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
dan_blagutCommented:
Hi
I checked our sysvol but I can't find any script.ini file. So before to delete anything search on Microsoft site the GPMC( if you don't have already). In the Program files\GPMC folder you will see some good scripts. The first you need to use is BackupAllGPO.
Then you can play with, because there you have RestoreGPO for undo.
Anyway sometime backupAllGPO folowed by RestoreAllGPO can do miracle.
Just try it.

DaN
0
 
GilardiCoAuthor Commented:
Thx Dan.  I backed up my GPO's and removed the empty scripts.ini file from the Default Domain Policy.  No changes to report unfortunately.
0
 
dan_blagutCommented:
If you have a good backup now you can delete all policys, and then recreate. Or restore from backup
0
 
GilardiCoAuthor Commented:
The fix for the issue turned out to be reinstalling a script in the default domain policy computer configuration startup section that I had previously removed and put in a separate GPO.  Am guessing that I initially made changes in the GPOs without waiting enough time for replication between domain controllers to occur. For whatever reason, it turned out that the Default Domain Policy was looking for that script even though it had been removed.  Case closed.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now