The GPO are not working

Posted on 2008-11-03
Medium Priority
Last Modified: 2011-10-19
I've intalled windows 2003 server, but since the beginning, the GPO has never, ever works.

there was 3 gpo in this directory. But i've deleted all of them.

There is a problem with the domain. Somentimes drop the conecction with the clientes, sometimes never load the computers, never load the wallpaper, desktop backgrown, let the user change propierties, doen't load the networ mapp.

I need to know step by step how to recover my GPO, and to be running the GPO in my LAN.

Question by:felny
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 85

Expert Comment

ID: 22867810
To start with: Deleting folders from the Policies folder in the Sysvol was a *really* bad idea. You've deleted the folders for the Default Domain Policy as well as the Default Domain Controllers policy, but the references to those policies are still in AD. Restore these folders from backup. If you don't have a backup, you can try your luck with the dcgpofix tool.
The Dcgpofix tool does not restore security settings in the Default Domain Controller Policy to their original state
Policies should only be managed through the GPMC, not on their physical locations.

All that aside, your main problems are resulting from your single-label DNS domain name "boxicableweb"; you have no tld like local., .intra, .whatever after boxicableweb. The domain can be reconfigured to allow for this, but you can expect other strange effects if you continue with this name.
Information about configuring Windows for domains with single-label DNS names

Since this seems to be a fairly new installation, I'd recommend to wipe the domain and start from scratch with a proper DNS name; note that the 296250 article, despite the title, applies to most AD domains, not only SBS.

The Domain Name System name recommendations for Small Business Server 2000 and Windows Small Business Server 2003

10 DNS Errors That Will Kill Your Network

Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003

Author Comment

ID: 22922421
Ok, your answer is full complety.

I have deleted the gpo. Can you tell me how can i restore the default GPO? I mean, how can i used to work with Dcgpofix tool? Where can i get it?

I couldn't recover my last gpo, but it doesn't matther to return the default, because likewise, the last  never work.

Can you tell me step by step how to use Dcgpofix???
LVL 85

Expert Comment

ID: 22922658
dcgpofix.exe is a normal part of a W2k3 AD installation, in %Systemroot%\system32. You just run it; but as I said, I have no idea how it will react if only the physical folder has been deleted.
Optimum High-Definition Video Viewing and Control

The ATEN VM0404HA 4x4 4K HDMI Matrix Switch supports 4K resolutions of UHD (3840 x 2160) and DCI (4096 x 2160) with refresh rates of 30 Hz (4:4:4) and 60 Hz (4:2:0). It is ideal for applications where the routing of 4K digital signals is required.


Author Comment

ID: 22931925
Ok, i could recover the gpo in default setting. now, i have made changes  that don't wokr.

This was exactly what i did... (look at the picture)

What do i have to do for the gpo work in my LAN...

Author Comment

ID: 22931929
LVL 85

Accepted Solution

oBdA earned 2000 total points
ID: 22932468
As I said before: your main problems are resulting from your single-label DNS domain name "boxicableweb"; you have no tld like .local, .intra, .whatever after "boxicableweb".
The absolute minimum you'll have to do that might get your domain (and the GPOs) to work in its current state is to follow the KB300684 article I linked above, but you're likely to encounter more problems related to this domain name as time goes on.

So again: Since this seems to be a fairly new installation, I'd recommend to wipe the domain and start from scratch with a proper DNS name; see the other links from my previous answer for details.

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses
Course of the Month7 days, 19 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question