Solved

Group Policy issue - Event ID 1058

Posted on 2010-11-08
13
1,592 Views
Last Modified: 2012-05-10
Hi,

Have several machines on a network (less than half of them) that are having issues with group policy.

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1058
Date: Date
Time: Time
User: User_Name
Computer: Computer_Name
Description: Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=domainname,DC=com . The file must be present at the location <\\domainname.com\sysvol\domainname.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984 F9}\gpt.ini>. (Error_Message). Group Policy processing aborted. For more information, see Help and Support Center at http://support.microsoft.com.

If i try and browse from the affected PC to that share location, i get: The network path was not found.

If i replace the domainname with the IP address of the SBS server, it works fine....

So DNS issue... well, i put a static entry into the hosts file, when i ping the domain name it resolves fine. Still cannot access the share by UNC.

Other network shares by UNC work fine, so that has me a little confused....


Thoughts?
0
Comment
Question by:Superdata
13 Comments
 
LVL 6

Expert Comment

by:evanmcnally
ID: 34084380
Is the SBS server is set to use itself for primary DNS?  Are the affect clients using the SBS server for primary DNS?

Are the non-affected clients and affected clients getting different group policies?  On the SBS server, go to C:\Windows\SYSVOL\domain\Policies and verify the policy files exist.

Having to use the IP address makes me think the problem clients are not using the SBS as their DNS server.

0
 
LVL 1

Author Comment

by:Superdata
ID: 34089319
"Is the SBS server is set to use itself for primary DNS,"

yes, with forwarders for external resolution.

"Are the affect clients using the SBS server for primary DNS? "

All clients on the network use the SBS Server for DNS. Many are not having issues.

"Are the non-affected clients and affected clients getting different group policies?"
No

On the SBS server, go to C:\Windows\SYSVOL\domain\Policies and verify the policy files exist.
They exist and as stated from the clients, browsing to \\ip address\sysvol\ etc works fine.

"Having to use the IP address makes me think the problem clients are not using the SBS as their DNS server."

DHCP is giving out the correct address, i have also statically set the DNS Server to the correct address and no change.

I have pulled one off the affected PCs off the domain and put it back on after deleting the computer account also, no change.

I have logged into the PC with domain administrator priv in a new profile, also no change.

What gets me, is that i can ping the domain name and it resolves to the server correctly. Slap in a UNC path into explorer and it cant resolve. This pointed me to file and print sharing, but its enabled, netbios is enabled too. Other UNC paths work.... whiskey tango foxtrot...



0
 
LVL 10

Expert Comment

by:abhijitmdp
ID: 34092150
I have also faced the same issue in our environment and below link resolved my issue. You can also try this its safe and really usefull but must take a backup of the registry before applying these registry settings.

http://technet.microsoft.com/en-us/library/cc758453%28WS.10%29.aspx

http://support.microsoft.com/kb/314494

0
 
LVL 1

Author Comment

by:Superdata
ID: 34100957
did not fix :(

noticed the netbios helper service is completely missing from the pc, not sure if this has something to do with it? netbios is enabled under the TCP/IP section.
0
 
LVL 10

Expert Comment

by:abhijitmdp
ID: 34101375
Try this once this is also helpfull.

http://support.microsoft.com/kb/842804
0
 
LVL 1

Author Comment

by:Superdata
ID: 34102024
Tried both parts, rebooted, no change :(
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:Superdata
ID: 34102546
Fully patched windows manually, killed the antivirus, killed windows firewall, updated the driver for the wireless card.

What gets me, is that \\domaincontroller\sysvol = fine, \\ip\sysvol\ = fine, \\domain\sysvol\ doesnt work.
but when you ping the domain name it resolves. what does using the domain name in the unc path do differently?

The machine in question was in the last few months moved to a new domain name, from blehdom.local to bleh.local

after some testing tonight i have some new symptoms. It can only browse unc paths on machines that existed on the old domain (the DC has the same server name as the old server in the previous domain) our new SQL and TS Server shares cannot be seen by anything other than IP Address.

This has to be some form of strange DNS Issue.

Here is the print out of DNS from the machine:

Windows IP Configuration

Host name . . . . . . . . . . . . . : PC05
Primary DNS Suffix . . . . . . . : bleh.local    (correct)
Node Type. . . . . . . . . . . . . . : Hybrid
IP Routing . . . . . . . . . . . . . . : No
WINS Proxy Enabled . . . . .  : No
DNS Suffix Search List . . . . : bleh.local
.                                               BLEH.local      (why its got both has me a little confused, possibly the issue?)

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : BLEH.local
Description . . . . . . . . . . . . . . . . . : Linksys Wireless-G PCI Adaptor
Physical Address . . . . . . . . . . . . : 00-12-17-8A-A5-37
Dhcp Enabled . . . . . . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . . : Yes
IP Address . . . . . . . . . . . . . . . . . : 10.0.0.105
Subnet Mask . . . . . . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . . . . . . : 10.0.0.3
DNS Servers . . . . . . . . . . . . . . . . : 10.0.0.3
Primary WINS Server. . . . . . . . . . : 10.0.0.3

I have cleaned out the hosts file, lmhosts etc


0
 
LVL 1

Author Comment

by:Superdata
ID: 34102562
Sorry for the semi incoherent post, its getting late :P
0
 
LVL 28

Expert Comment

by:Michael Pfister
ID: 34109460
Maybe the WINS server got messed up. In most cases there is no more need to use WINS. For a test remove the WINS server config from a PC and recheck.
If its the problem and you can live without WINS, remove it from your DHCP config and remove WINS server from your SBS server.
If not, delete all entries the WINS database or at least check if the domain name netries point to the correct servers..
0
 
LVL 1

Author Comment

by:Superdata
ID: 34194001
Removed wins settings, re-added, checked the entries were all correct on the server and no issue there that i can see.
0
 
LVL 1

Accepted Solution

by:
Superdata earned 0 total points
ID: 34229052
OK - Here is the fix - after many many wasted hours.

Fully update the box, disjoin it from the domain,

Run - http://support.microsoft.com/kb/313222  to clear out the local security policy

rejoin domain, reboot, done (at least in my case)

what caused this issue i think, is that the old group policy from the previous domain was left hanging around and caused issues, running that clean up of the local security policy seems key, rejoining of the domain seemed to help on 1 of the machines, may not be required.
0
 
LVL 1

Author Closing Comment

by:Superdata
ID: 34272641
no other answer comes close.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Resolve DNS query failed errors for Exchange
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now