Avatar of LWBIT
LWBIT asked on

Group Policy Error 1058 - Windows 2008 DCs and Win 7 Clients

Hi,
All of a sudden we are receiving the following error and it is popping up exponetially on our clients when trying to pull Group Policys:

The processing of Group Policy failed. Windows attempted to read the file \\lwb.local\SysVol\lwb.local\Policies\{758725FA-812B-4A29-A1A7-EC80126136D2}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.


We are fully win 2008 servers and Windows 7 clients. Error started appearing late last week and they are springing up more and more daily.

Does anyone have any ideas?
Windows Server 2008Windows 7

Avatar of undefined
Last Comment
Darius Ghassem

8/22/2022 - Mon
Radhakrishnan

Try this MS article for this issue, Before modifying registry please take backup.
http://support.microsoft.com/kb/314494
Darius Ghassem

Run a dcdiag on server post results.

make sure clients are pointing to the Domain Controllers only for DNS and Domain Controllers are doing the same.
ASKER
LWBIT

radhakrishnan2007 that is issue is for XP Clients and DFS is turned on the clients.

dariusg, results below, this is from one of our DCs, we have 3 DCs and 4 RODCs. It seems to be sporadic, yesterday I tried a few more GPUpdates and it worked fine, then it will stop working for a few hours.

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = pdc00wdc01
   * Identified AD Forest.
   Ldap search capabality attribute search failed on server AUC00FAP01, return
   value = 81
   Got error while checking if the DC is using FRS or DFSR. Error:
   Win32 Error 81The VerifyReferences, FrsEvent and DfsrEvent tests might fail
   because of this error.
   Done gathering initial info.

Doing initial required tests

   Testing server: Datacenter\PDC00WDC01
      Starting test: Connectivity
         ......................... PDC00WDC01 passed test Connectivity

Doing primary tests

   Testing server: Datacenter\PDC00WDC01
      Starting test: Advertising
         ......................... PDC00WDC01 passed test Advertising
      Starting test: FrsEvent
         ......................... PDC00WDC01 passed test FrsEvent
      Starting test: DFSREvent
         ......................... PDC00WDC01 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... PDC00WDC01 passed test SysVolCheck
      Starting test: KccEvent
         ......................... PDC00WDC01 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... PDC00WDC01 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... PDC00WDC01 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... PDC00WDC01 passed test NCSecDesc
      Starting test: NetLogons
         [PDC00WDC01] User credentials does not have permission to perform this
         operation.
         The account used for this test must have network logon privileges
         for this machine's domain.
         ......................... PDC00WDC01 failed test NetLogons
      Starting test: ObjectsReplicated
         ......................... PDC00WDC01 passed test ObjectsReplicated
      Starting test: Replications
         [Replications Check,PDC00WDC01] DsReplicaGetInfo(PENDING_OPS, NULL)
         failed, error 0x2105 "Replication access was denied."
         ......................... PDC00WDC01 failed test Replications
      Starting test: RidManager
         ......................... PDC00WDC01 passed test RidManager
      Starting test: Services
            Could not open NTDS Service on PDC00WDC01, error 0x5
            "Access is denied."
         ......................... PDC00WDC01 failed test Services
      Starting test: SystemLog
         An error event occurred.  EventID: 0x00000457
            Time Generated: 12/02/2010   08:23:59
            Event String:
            Driver FX DocuPrint 240A-AP required for printer !!Nat00fap01!Nation
al - IT - FX DP 240A PCL is unknown. Contact the administrator to install the dr
iver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 12/02/2010   08:24:03
            Event String:
            Driver Microsoft Office Document Image Writer Driver required for pr
inter Microsoft Office Document Image Writer is unknown. Contact the administrat
or to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 12/02/2010   08:24:03
            Event String:
            Driver Adobe PDF Converter required for printer Adobe PDF is unknown
. Contact the administrator to install the driver before you log in again.
         ......................... PDC00WDC01 failed test SystemLog
      Starting test: VerifyReferences
         ......................... PDC00WDC01 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : lwb
      Starting test: CheckSDRefDom
         ......................... lwb passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... lwb passed test CrossRefValidation

   Running enterprise tests on : lwb.local
      Starting test: LocatorCheck
         ......................... lwb.local passed test LocatorCheck
      Starting test: Intersite
         ......................... lwb.local passed test Intersite
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Darius Ghassem

Make sure you are running this dcdiag with the correct Domain Admin account
Darius Ghassem

Actually right-click command prompt run as admin then run dcdiag post
ASKER
LWBIT

Of course - My bad... See below:
Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = pdc00wdc01
   * Identified AD Forest.
   Ldap search capabality attribute search failed on server AUC00FAP01, return
   value = 81
   Got error while checking if the DC is using FRS or DFSR. Error:
   Win32 Error 81The VerifyReferences, FrsEvent and DfsrEvent tests might fail
   because of this error.
   Done gathering initial info.

Doing initial required tests

   Testing server: Datacenter\PDC00WDC01
      Starting test: Connectivity
         ......................... PDC00WDC01 passed test Connectivity

Doing primary tests

   Testing server: Datacenter\PDC00WDC01
      Starting test: Advertising
         ......................... PDC00WDC01 passed test Advertising
      Starting test: FrsEvent
         ......................... PDC00WDC01 passed test FrsEvent
      Starting test: DFSREvent
         ......................... PDC00WDC01 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... PDC00WDC01 passed test SysVolCheck
      Starting test: KccEvent
         ......................... PDC00WDC01 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... PDC00WDC01 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... PDC00WDC01 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... PDC00WDC01 passed test NCSecDesc
      Starting test: NetLogons
         ......................... PDC00WDC01 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... PDC00WDC01 passed test ObjectsReplicated
      Starting test: Replications
         ......................... PDC00WDC01 passed test Replications
      Starting test: RidManager
         ......................... PDC00WDC01 passed test RidManager
      Starting test: Services
         ......................... PDC00WDC01 passed test Services
      Starting test: SystemLog
         ......................... PDC00WDC01 passed test SystemLog
      Starting test: VerifyReferences
         ......................... PDC00WDC01 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : lwb
      Starting test: CheckSDRefDom
         ......................... lwb passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... lwb passed test CrossRefValidation

   Running enterprise tests on : lwb.local
      Starting test: LocatorCheck
         ......................... lwb.local passed test LocatorCheck
      Starting test: Intersite
         ......................... lwb.local passed test Intersite

C:\Windows\system32>
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Darius Ghassem

Post ipconfig /all from client and domain controllers.

Disable all NICs in Domain Controllers except for one
ASKER
LWBIT

Server:
C:\Windows\system32>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : pdc00wdc01
   Primary Dns Suffix  . . . . . . . : lwb.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lwb.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Citrix XenServer PV Ethernet Adapter
   Physical Address. . . . . . . . . : 46-36-01-7B-E3-A0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.30.10.20(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.30.10.254
   DNS Servers . . . . . . . . . . . : 10.30.10.20
                                       10.30.10.21
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{3088DDFA-EB55-45CD-8AAF-B558DCADB4C3}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes




Client:
C:\Users\garry.wordsworth>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : NAT6076
   Primary Dns Suffix  . . . . . . . : lwb.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lwb.local
                                       lwb.local.net

Mobile Broadband adapter Mobile Broadband Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Dell Wireless 5540 HSPA Mini-Card Network
 Adapter
   Physical Address. . . . . . . . . : 02-80-37-EC-02-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Citrix Virtual Adapter
   Physical Address. . . . . . . . . : 02-50-F2-00-00-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Dell Wireless 1510 Wireless-N WLAN Mini-C
ard
   Physical Address. . . . . . . . . : 78-E4-00-F6-8A-C5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : lwb.local
   Description . . . . . . . . . . . : Intel(R) 82567LM Gigabit Network Connecti
on
   Physical Address. . . . . . . . . : 00-26-B9-D8-F8-13
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a8e5:1e3b:a335:f502%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.10.21.31(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.254.0
   Lease Obtained. . . . . . . . . . : Thursday, 2 December 2010 7:35:07 AM
   Lease Expires . . . . . . . . . . : Thursday, 2 December 2010 5:35:07 PM
   Default Gateway . . . . . . . . . : 10.10.21.248
   DHCP Server . . . . . . . . . . . : 10.10.21.246
   DHCPv6 IAID . . . . . . . . . . . : 385885881
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-CE-E0-EA-00-26-B9-D8-F8-13

   DNS Servers . . . . . . . . . . . : 10.30.10.20
                                       10.30.10.21
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.lwb.local:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lwb.local
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{EAD0007B-2CD1-4EE6-BFF5-BC5CF6357F8A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
ASKER
LWBIT

Only one NIC on the DCs
Your help has saved me hundreds of hours of internet surfing.
fblack61
ASKER CERTIFIED SOLUTION
Darius Ghassem

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question