Solved

The GPO are not working

Posted on 2008-11-03
6
508 Views
Last Modified: 2011-10-19
I've intalled windows 2003 server, but since the beginning, the GPO has never, ever works.

there was 3 gpo in this directory. But i've deleted all of them.
\\Boxiserver\SYSVOL\BOXICABLEWEB\Policies

There is a problem with the domain. Somentimes drop the conecction with the clientes, sometimes never load the computers, never load the wallpaper, desktop backgrown, let the user change propierties, doen't load the networ mapp.

I need to know step by step how to recover my GPO, and to be running the GPO in my LAN.


1.JPG
2.JPG
3.JPG
0
Comment
Question by:felny
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 85

Expert Comment

by:oBdA
ID: 22867810
To start with: Deleting folders from the Policies folder in the Sysvol was a *really* bad idea. You've deleted the folders for the Default Domain Policy as well as the Default Domain Controllers policy, but the references to those policies are still in AD. Restore these folders from backup. If you don't have a backup, you can try your luck with the dcgpofix tool.
The Dcgpofix tool does not restore security settings in the Default Domain Controller Policy to their original state
http://support.microsoft.com/kb/833783
Policies should only be managed through the GPMC, not on their physical locations.

All that aside, your main problems are resulting from your single-label DNS domain name "boxicableweb"; you have no tld like local., .intra, .whatever after boxicableweb. The domain can be reconfigured to allow for this, but you can expect other strange effects if you continue with this name.
Information about configuring Windows for domains with single-label DNS names
http://support.microsoft.com/kb/300684

Since this seems to be a fairly new installation, I'd recommend to wipe the domain and start from scratch with a proper DNS name; note that the 296250 article, despite the title, applies to most AD domains, not only SBS.

The Domain Name System name recommendations for Small Business Server 2000 and Windows Small Business Server 2003
http://support.microsoft.com/kb/296250

10 DNS Errors That Will Kill Your Network
http://redmondmag.com/features/article.asp?EditorialsID=413

Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036
0
 
LVL 2

Author Comment

by:felny
ID: 22922421
Ok, your answer is full complety.

I have deleted the gpo. Can you tell me how can i restore the default GPO? I mean, how can i used to work with Dcgpofix tool? Where can i get it?

I couldn't recover my last gpo, but it doesn't matther to return the default, because likewise, the last  never work.

Can you tell me step by step how to use Dcgpofix???
0
 
LVL 85

Expert Comment

by:oBdA
ID: 22922658
dcgpofix.exe is a normal part of a W2k3 AD installation, in %Systemroot%\system32. You just run it; but as I said, I have no idea how it will react if only the physical folder has been deleted.
0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 
LVL 2

Author Comment

by:felny
ID: 22931925
Ok, i could recover the gpo in default setting. now, i have made changes  that don't wokr.

This was exactly what i did... (look at the picture)

What do i have to do for the gpo work in my LAN...
1.JPG
0
 
LVL 2

Author Comment

by:felny
ID: 22931929
other
2.JPG
0
 
LVL 85

Accepted Solution

by:
oBdA earned 500 total points
ID: 22932468
As I said before: your main problems are resulting from your single-label DNS domain name "boxicableweb"; you have no tld like .local, .intra, .whatever after "boxicableweb".
The absolute minimum you'll have to do that might get your domain (and the GPOs) to work in its current state is to follow the KB300684 article I linked above, but you're likely to encounter more problems related to this domain name as time goes on.

So again: Since this seems to be a fairly new installation, I'd recommend to wipe the domain and start from scratch with a proper DNS name; see the other links from my previous answer for details.
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question