Solved

Windows cannot access the file gpt.ini for GPO

Posted on 2008-06-10
11
3,559 Views
Last Modified: 2013-12-04
Hi there,
In my application log I am constantly receiving this error:

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1058
Date:            10/06/2008
Time:            3:54:24 PM
User:            NT AUTHORITY\SYSTEM
Computer:                   SBSSYD01
Description:
Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=selectfunds,DC=local. The file must be present at the location <\\selectfunds.local\sysvol\selectfunds.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (Configuration information could not be read from the domain controller, either because the machine is unavailable, or access has been denied. ). Group Policy processing aborted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

I have just reinstalled Active Directory on our Disaster Recovery Server and am now receiving this error every 5 mins. I think it has to do with GPO and permissions.  I've checked that the Administrator has access to the SYSVOL share however if i try to go to \\selectfunds.local from the command prompt i receive access denied so i can't access the gpt.ini file via that path but i can access this share fine on our live server (note: This problem is happening to our disaster recovery server which is an exact replica of our live server).  So i'm thinking its a permission or corrupt registry setting somewhere.  Does anyone have any ideas?  Thanks
0
Comment
Question by:nina007
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 7

Assisted Solution

by:richammond
richammond earned 200 total points
ID: 21749112
make sure you have DFS enabled or check your IP settings. Also, if using 2 or more NICs, disable them all but one on that server. Make sure that NIC has a static DNS server and disable netbios. Hope this helps
Regards
0
 
LVL 4

Expert Comment

by:Dovinshka
ID: 21749386
What do you mean by "exact replica"?
Is it just an image of the production server?

Are these events generated on a client machine connecting to the DR server, or the DR server itself?

Dov.
0
 
LVL 3

Expert Comment

by:SkiptonBS
ID: 21749416
How have you restored the DR Server?
0
 

Author Comment

by:nina007
ID: 21749501
Ok so i have an HP ML150 server as my DR server which is an exact replica in that i've restored the C:\ drive and the system state and all data.  I used Veritas Backup exec 10.d to restore this data. It is different hardware but it's an image of our production server in regards to software.

richammond can you please tell me what DFS is. I have 2 NICs - one for internal access and one for external.  Why do i need to disable all but 1 NIC as i used both.
The errors are generated on the server itself when i connect to it via terminal services.

I restored the DR server but restoring the system state and C:\ drive on windows 2003 SBS.  I had an inital problem after i restore the data as my DR server did not have SP1 installed but the backup tapes i used were from windows 2003 SBS SP1.  I've overcome my inital boot-up probs and have re-installed SP1 on the server. see http://www.experts-exchange.com/Hardware/Servers/Q_23449313.html for more info on my inital probs.  But these have been resolved. I'm just constantly getting the error as listed above every 5 mins or so in my log file.


0
 

Author Comment

by:nina007
ID: 21749515
Also i am running windows 2003 SBS SP1, not Windows 2003 SBSR2.
0
 
LVL 4

Expert Comment

by:Dovinshka
ID: 21749576
DFS client/server services are listed in start>run>services.msc. Check to see if those services have started. See if starting them clears the errors. However, DFS on an SBS box might be the least of your worries.

Also, check to see if the time is correct on the server. I know it's a single DC but it can't hurt.

richammond was mentioning the dual NIC interfaces as SBS/DNS can often be affected with multi-homed servers. Are you using both for a specific purpose (RRAS, NAT, etc)? If so, temporarily disable one and see how that helps.

Dov.
0
 
LVL 3

Assisted Solution

by:SkiptonBS
SkiptonBS earned 50 total points
ID: 21749993
Ensure that your LAN nic is the higher in priority than the WAN nic.

Start>Settings>Network Connections

Click Advanced menu and Advanced Settings.

Also confirm that the same NTFS permissions are set the same as your production environment.
0
 

Author Comment

by:nina007
ID: 21750212
HI guys, thanks for your help so far. I checked my settings against the production server and the only difference was that i had enabled Netbios over TCP/IP on the WINS tab within my internal NIC settings. I changed this to be default: use NETBIOS setting from DHCP server and i think this has fixed this problem as i am not seeing these errors in the event log. Thanks for suggesting to check NetBios settings. However I'm having a few more probs.... my lsass.exe service in task manager is using over 25% of CPU and my server is running very slowly.  

Also, every 30 secs an error log is generated from the application log saying:
Event ID: 1000
Source: Windows Share Point Services 2.0
#50070: Unable to connect to te database STS_Config on SBSSYD01\Sharepoint.  Check the database connection information and make sure the server is running.

I am going to restore my SQL sharepoint database again and see if i can get this to fix my error. Any ideas on why lsass.exe is using up so much CPU???
0
 
LVL 4

Accepted Solution

by:
Dovinshka earned 250 total points
ID: 21750257
lsass.exe is responsible for logon/authentication. This can quite possibly be caused by a corrupt Sharepoint config/install. Check your event logs under security and see if there are any requests/failures that are higher than normal.

You can also download Process Monitor to see exactly what is happening in the background. You can find Process Monitor here - http://www.microsoft.com/technet/sysinternals/FileAndDisk/processmonitor.mspx

Dov.
0
 

Author Comment

by:nina007
ID: 21750567
oops i celebrated too early....my error message is back in the logs. It was just hard to see with all the sharepoint errors. Do you think if i restore my sharepoint databases this could resolve these errors?  What else can you suggest to fix my original error 1058, cannot access file gpt.ini
0
 

Author Comment

by:nina007
ID: 21758620
After i restored my Sharepoint database and restarted my errors have stopped appearing.  Thanks for your help.
0

Join & Write a Comment

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now