gpo problem after demoting a server

FiremanFpG
FiremanFpG used Ask the Experts™
on
hi,
a while ago i added 2 dc`s to my domain (one was 2008)
all worked ok,
i moved fsmo+gc to the 2008 server.
the 3rd server was gc also.
i let them replicate without errors
i demoted the first server, reinstalled it and added as dc.

on clients i get error when trying to gather gpo, it still asks for the first server - in the event i see the processing of group policy failed, windows attempted to read the file \\1stservername\sysvol\domain\policies\etcetcetc

i checked the guid and it`s ok.
 i can access the \\FQDN\sysvol\policies\etcetcetc from all computers and servers
i ran dcdiag from all dc servers - it gives me the same error
he processing of Group Policy failed. Windows attempted to read the file \\firstserver\sysvol\FQDN\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:


         An Error Event occurred.  EventID: 0x00000457

and same message with event 0x00000422

i checked the dns and the server name is not there.

i ran ntdsutil metadata cleanup and i don`t see the server i removed there.
i checked adsi and it`s not there also.

i can open the gpo`s from gpmc on any server and change their settings etc

i need assistance ASAP


P.S the domain was in the long past on an SBS and we advanced from it after we ran to the user limit

thanks


Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2012

Commented:
Can you post ipconfig /all for the server and client.

Make sure the polices are listed in the SYSVOL on the other DCs. How many polices do you have in the GPO?

Author

Commented:
the dns is pointing in the right direction if you still need it i`ll paste it.

the sysvol is replicated among all dc`s...
2 gpo`s i can`t access becuase they are seeking the first server , if i`m taking the GUID i can see them on the server.

Top Expert 2012

Commented:
Please post ipconfig /all.

Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : server2
   Primary Dns Suffix  . . . . . . . : domain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.local

Ethernet adapter Local Area Connection 4:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Switch-SM-5989875d-23fd-4547-84a7-1a820a1013f3-0
   Physical Address. . . . . . . . . : 00-22-19-B6-61-60
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::cc3f:858:fdfc:1dca%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.2.250
   DNS Servers . . . . . . . . . . . : ::1
                                       192.168.2.5
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 8:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{369E4062-6AD0-404B-BA28-80B67C717A6D}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Top Expert 2012

Commented:
DNS is wrong please disable IPv6 remove which should remove the 1 for dns server the run ipconfig /flushdns ipconfig /registerdns, and dcdiag /fix.

Author

Commented:
will try and report back asap,
just had to mention that the problem also exists on computers in the domain (not just the servers)
You state that you checked DNS and the record for the old server was not there, but did you check the domain.tld address records to verify that only active DC's are listed?  Disregard this if you used the same IP address when you reloaded the new DC.

Look for the following under your domain.tld zone, if you see it, delete it:
(same as parent server)     Host(A)     [IP of old Server]

Also check the subfolders in your root domain.tld domain to make sure there aren't any stale resource records.

Cheers,
Juice
Top Expert 2012

Commented:
If the server is having issues with DNS the clients will too.

Author

Commented:
didn`t helped.. i removed the ipv6 checkmark on all 2008 dc`s. (one is 2003)
i ran /flushdns /registerdns
i ran dcdiag /fix

lots of gperrors: i pasted only 3 of them (i have more gpo`s...)

The processing of Group Policy failed. Windows attempted to read the
file \\1stsrv\sysvol\domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984
F9}\gpt.ini from a domain controller and was not successful. Group Policy settin
gs may not be applied until this event is resolved. This issue may be transient
and could be caused by one or more of the following:
         An Error Event occurred.  EventID: 0x00000422
            Time Generated: 10/25/2009   09:29:26
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\1stsrv\sysvol\domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984
F9}\gpt.ini from a domain controller and was not successful. Group Policy settin
gs may not be applied until this event is resolved. This issue may be transient
and could be caused by one or more of the following:
         An Error Event occurred.  EventID: 0x00000422
            Time Generated: 10/25/2009   09:34:33
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\1stsrv\sysvol\domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984
F9}\gpt.ini from a domain controller and was not successful. Group Policy settin
gs may not be applied until this event is resolved. This issue may be transient
and could be caused by one or more of the following:
         An Error Event occurred.  EventID: 0x00000422
            Time Generated: 10/25/2009   09:39:41



i also checked domain dns records... nothing there about the old server...
Top Expert 2012

Commented:
Post another ipconfig /all please.
well i solved it.
i entered adsiedit.msc
went to system,policies
i entered each policy and fixed the unc in gPCfileSysPath to the domain unc insted to the 1stserver unc

thanks anyway everybody

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial