Windows cannot perform filter check for Group Policy object CN=.....

Posted on 2010-11-18
Last Modified: 2012-05-10
  I'm on a client site and seeing error

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1065
Date:            11/18/2010
Time:            5:19:28 PM
User:            NT AUTHORITY\SYSTEM
Computer:      <ServerName>
Windows cannot perform filter check for Group Policy object CN={D8C6DA27-22B2-47CD-9436-35150F6F0B36},CN=Policies,CN=System,DC=<MyDOmainName>,DC=local. Group Policy processing aborted.

For more information, see Help and Support Center at

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1030
Date:            11/18/2010
Time:            5:19:28 PM
User:            NT AUTHORITY\SYSTEM
Computer:      <ServerName>
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

For more information, see Help and Support Center at

I can browse the \\\sysvol\<MyDomainName>\Policies\{D8C6DA27-22B2-47CD-9436-35150F6F0B36} folder. by loopback, internal IP, and by Name.

DNS seems to be installed and working.  
Users\Workstations are not having policy issues.

the GPT.ini says:
displayName=Small Business Server Internet Connection Firewall

tThe internet connection wizard won't run without failing, but isn't generating errors in the log that seem to lead anywhere, the icw log also seems to be little help the first errors it shows is:

Error 0x80080005 returned from call to Getting IP address for the LAN NIC().
Error 0x80080005 returned from call to Reading in the LAN NIC info().
Error 0x80080005 returned from call to CNetCommit::Common().
Error 0x80080005 returned from call to CNetCommit::Commit().

it seems like a security error or DNS problem but I just can't seem to figure this out.

Question by:R. Andrew Koffron
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Expert Comment

ID: 34170278

Can you verify if you have correct permissions on the sysvol share por this Group Policy folder?
Take a look at this link, it show exactly what are the permisisons that have to be there:

And, do you have any error on FRS at the domain controllers? How much Doman Controllers do you have there on your structure?
LVL 16

Author Comment

by:R. Andrew Koffron
ID: 34170666
Security is right.

It's an SBS 2003 server, Only Server in the internal Physical Network Segament but other servers on the outside interface (shouldn't effect anything).

LVL 13

Accepted Solution

NarendraG earned 500 total points
ID: 34170697
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

LVL 16

Assisted Solution

by:R. Andrew Koffron
R. Andrew Koffron earned 0 total points
ID: 34174529
here's what I ended up with but that article definitely pointed me in the right direction.

after some research on WMI here's the steps that seemed to be the most directly effective.

run each line individually, or put a pause after each line in a batch file, several of the commands showed some failures on line 16-55 but it still fixed my WMI issues

stop winmgmt service, and rename the windows\system32\wbem\repository folder.start winmgmt

rundll32.exe setupapi,InstallHinfSection WBEM 132 %windir%\inf\wbemoc.inf
 *pull needed files from C:\windows\servicepackfiles\i386
rundll32 wbemupgd, RepairWMISetup

loaded the following script I found at
(took some troubleshooting added the exchange lines. the "for" statements puked and had to be run manually I inserted pauses after each line just in case so I was able to troubleshoot each line as it fired)
net stop exmgmt
net stop winmgmt
cd %windir%\system32\wbem
rd /S /Q repository
regsvr32 /s %systemroot%\system32\scecli.dll
regsvr32 /s %systemroot%\system32\userenv.dll
mofcomp cimwin32.mof
mofcomp cimwin32.mfl
mofcomp rsop.mof
mofcomp rsop.mfl
for /f %%s in (’dir /b /s *.dll’) do regsvr32 /s %%s
for /f %%s in (’dir /b *.mof’) do mofcomp %%s
for /f %%s in (’dir /b *.mfl’) do mofcomp %%s
mofcomp -n:root\cimv2\applications\exchange wbemcons.mof
mofcomp -n:root\cimv2\applications\exchange smtpcons.mof
mofcomp exmgmt.mof
mofcomp exwmi.mof
net start winmgmt
net start exmgmt
logged in to a pretty clean event log, Group Policies Applied. and apparently most the other errors I was seeing that looked totally unrelated where also effected by the WMI domino effect.

I'm going to assign points to narendraG but wanted to put more details into the EE question.
LVL 16

Author Closing Comment

by:R. Andrew Koffron
ID: 34203695
NarendraG Points: 500  Best Solution
pointed me at the fix but his comment had no details.
LVL 13

Expert Comment

ID: 34211932

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read…
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question