Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 858
  • Last Modified:

Old GPO keeps applying

I have a domain windows 2003 (SP2) that has some gpo configured.

Im having some problems with one gpo that keeps applying the old seetings.

The gpo is configured to set the default home page for IE to our intranet server. A couple of weeks ago we changed the gpo to point the default home page to our new intranet server(new url). Basically we edited existing gpo t

Now some WinXP machines keep having the old intranet server as default  home page...and what is  weird is that sometimes the same machine works fine but the next day shows the old home page again.

We have tried gpupdate /force in all machines, we have been looking all gpo to see if there is any other gpo pointing to the old intranet serve, DNS,r..we cant find where is the problem.

We have tried to reset internet options from the gpo...but again this random problem keeps happening.

After burning our brains we found a registry key on WinXp that was pointing to the old intranet url. We manually changed to the new url. But we cannot  manually do this for 250 machines. It must have another way.

How can I remove the old settings? Is there any sort of cache in the server or in the WinXP? Keep in mind the the gpo is the same one, we didnt create a new one, we just edited the defaultl home page settings to point to a new url. Any idea guys?

Thanks,
0
LioElectronic
Asked:
LioElectronic
  • 6
  • 4
  • 4
  • +1
1 Solution
 
yo_beeDirector of ITCommented:
How many DNS servers do you have?
Maybe the A record or CNAME that points to the old server.
How many GPO do you have applied and can you audit each one to see if there is another GPO with that setting?
0
 
yo_beeDirector of ITCommented:
What about using a script to delete the value?
WMI scripting or .reg /s file to remove the value of concern.
0
 
yo_beeDirector of ITCommented:
Also Have your Run the GPO Results Wizard against the computer that you know that this is happening to.

This will show you if the proper policy are being applied.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Donald StewartNetwork AdministratorCommented:
Did you use "Internet Explorer Maintenance" to set the homepage?

If so you will need to go to the original GPO where you set it and right click on "Internet Explorer Maintenance" and select "Reset Browser Settings" in order to remove any settings you configured here.
0
 
LioElectronicAuthor Commented:
There is no DNS entry for the old server and we have checked all gpo and there is no other gpo that sets the default home page
0
 
LioElectronicAuthor Commented:
Dstewartjr.

We did use Internet Explorer Maintenance" to set the homepage and yes we have reset browser settings as well

There is no original gpo....we have edited the gpo with the new intranet server URL.
0
 
LioElectronicAuthor Commented:
Yo_bee:

I have run RSoP against one of the computer that always have problem and the correct policy and settings are there. It seems to be all fine..but again every now an then the computer birngs the wrong home page.

By the way the gpo is set for users..not computers.
0
 
Donald StewartNetwork AdministratorCommented:
Do you have "Internet Explorer Maintenance policy processing" enabled


http://support.microsoft.com/kb/923737

To work around this problem, you can enable a policy setting to reapply any policies that you first applied through Internet Explorer Maintenance Extension. To create this policy setting, follow these steps:

    Log on to the computer as a local administrator.
    Click Start, and then click Run. Copy and then paste (or type) the following command into the Open box, and then press ENTER:
    gpedit.msc
    The Group Policy window appears.
    In the left navigation pane, expand Computer Configuration, expand Administrative Templates, expand System, and then click Group Policy.
    In the right navigation pane, double-click Internet Explorer Maintenance policy processing.
    Click Enabled, click Apply, and then click OK.

After you enable this policy setting, any policies that are set through Internet Explorer Maintenance Extension are refreshed when the Group Policy object is updated.
0
 
LioElectronicAuthor Commented:
dstewartjr:

This work around may work however I have 250 computers in my network. I cannot log on in each computer one by one. It will be a huge administrative effort. I have a found a work around in the registry but again I need to fix this for all 250 pcs...If I have to manually do this for all computers I will spend days. My goal is first to understand why this is happening and how to fix via Active Directory .

Thanks,
0
 
fireline1082Commented:

If it is working sometime and not working the other; then I suspect you have AD replication issue

Can you please tell me how many Domain controller (DC) servers you have in your organization - How many site - and how many domain setup?


Please run dcdiag command from one of your DC ; from command prompt type> dcidag /e

and post the result of the command here


0
 
LioElectronicAuthor Commented:
fireline1082:

I have 4 domain controllers and one site only.



C:\Program Files\Support Tools>dcdiag /e

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\LIOEDC
      Starting test: Connectivity
         ......................... LIOEDC passed test Connectivity

   Testing server: Default-First-Site-Name\LIOEDCQLD
      Starting test: Connectivity
         ......................... LIOEDCQLD passed test Connectivity

   Testing server: Default-First-Site-Name\LIOEBAK
      Starting test: Connectivity
         ......................... LIOEBAK passed test Connectivity

   Testing server: Default-First-Site-Name\LIOEDCVIC
      Starting test: Connectivity
         ......................... LIOEDCVIC passed test Connectivity

   Testing server: Default-First-Site-Name\LIOEHYPERV
      Starting test: Connectivity
         ......................... LIOEHYPERV passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\LIOEDC
      Starting test: Replications
         ......................... LIOEDC passed test Replications
      Starting test: NCSecDesc
         ......................... LIOEDC passed test NCSecDesc
      Starting test: NetLogons
         ......................... LIOEDC passed test NetLogons
      Starting test: Advertising
         ......................... LIOEDC passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... LIOEDC passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... LIOEDC passed test RidManager
      Starting test: MachineAccount
         ......................... LIOEDC passed test MachineAccount
      Starting test: Services
         ......................... LIOEDC passed test Services
      Starting test: ObjectsReplicated
         ......................... LIOEDC passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... LIOEDC passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL replication
         problems may cause Group Policy problems.
         ......................... LIOEDC failed test frsevent
      Starting test: kccevent
         ......................... LIOEDC passed test kccevent
      Starting test: systemlog
         ......................... LIOEDC passed test systemlog
      Starting test: VerifyReferences
         ......................... LIOEDC passed test VerifyReferences

   Testing server: Default-First-Site-Name\LIOEDCQLD
      Starting test: Replications
         ......................... LIOEDCQLD passed test Replications
      Starting test: NCSecDesc
         ......................... LIOEDCQLD passed test NCSecDesc
      Starting test: NetLogons
         ......................... LIOEDCQLD passed test NetLogons
      Starting test: Advertising
         ......................... LIOEDCQLD passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... LIOEDCQLD passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... LIOEDCQLD passed test RidManager
      Starting test: MachineAccount
         ......................... LIOEDCQLD passed test MachineAccount
      Starting test: Services
         ......................... LIOEDCQLD passed test Services
      Starting test: ObjectsReplicated
         ......................... LIOEDCQLD passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... LIOEDCQLD passed test frssysvol
      Starting test: frsevent
         ......................... LIOEDCQLD passed test frsevent
      Starting test: kccevent
         ......................... LIOEDCQLD passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 05/10/2011   14:16:50
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:19:25
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:19:29
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:19:33
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:19:37
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:19:51
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:34:29
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:34:34
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:34:38
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:34:55
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   14:49:27
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   15:07:07
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 05/10/2011   15:07:22
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 05/10/2011   15:09:08
            Event String: The kerberos client received a
         ......................... LIOEDCQLD failed test systemlog
      Starting test: VerifyReferences
         ......................... LIOEDCQLD passed test VerifyReferences

   Testing server: Default-First-Site-Name\LIOEBAK
      Starting test: Replications
         ......................... LIOEBAK passed test Replications
      Starting test: NCSecDesc
         ......................... LIOEBAK passed test NCSecDesc
      Starting test: NetLogons
         ......................... LIOEBAK passed test NetLogons
      Starting test: Advertising
         ......................... LIOEBAK passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... LIOEBAK passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... LIOEBAK passed test RidManager
      Starting test: MachineAccount
         ......................... LIOEBAK passed test MachineAccount
      Starting test: Services
         ......................... LIOEBAK passed test Services
      Starting test: ObjectsReplicated
         ......................... LIOEBAK passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... LIOEBAK passed test frssysvol
      Starting test: frsevent
         ......................... LIOEBAK passed test frsevent
      Starting test: kccevent
         ......................... LIOEBAK passed test kccevent
      Starting test: systemlog
         ......................... LIOEBAK passed test systemlog
      Starting test: VerifyReferences
         ......................... LIOEBAK passed test VerifyReferences

   Testing server: Default-First-Site-Name\LIOEDCVIC
      Starting test: Replications
         ......................... LIOEDCVIC passed test Replications
      Starting test: NCSecDesc
         ......................... LIOEDCVIC passed test NCSecDesc
      Starting test: NetLogons
         ......................... LIOEDCVIC passed test NetLogons
      Starting test: Advertising
         ......................... LIOEDCVIC passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... LIOEDCVIC passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... LIOEDCVIC passed test RidManager
      Starting test: MachineAccount
         ......................... LIOEDCVIC passed test MachineAccount
      Starting test: Services
         ......................... LIOEDCVIC passed test Services
      Starting test: ObjectsReplicated
         ......................... LIOEDCVIC passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... LIOEDCVIC passed test frssysvol
      Starting test: frsevent
         ......................... LIOEDCVIC passed test frsevent
      Starting test: kccevent
         ......................... LIOEDCVIC passed test kccevent
      Starting test: systemlog
         ......................... LIOEDCVIC passed test systemlog
      Starting test: VerifyReferences
         ......................... LIOEDCVIC passed test VerifyReferences

   Testing server: Default-First-Site-Name\LIOEHYPERV
      Starting test: Replications
         ......................... LIOEHYPERV passed test Replications
      Starting test: NCSecDesc
         ......................... LIOEHYPERV passed test NCSecDesc
      Starting test: NetLogons
         ......................... LIOEHYPERV passed test NetLogons
      Starting test: Advertising
         ......................... LIOEHYPERV passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... LIOEHYPERV passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... LIOEHYPERV passed test RidManager
      Starting test: MachineAccount
         ......................... LIOEHYPERV passed test MachineAccount
      Starting test: Services
         ......................... LIOEHYPERV passed test Services
      Starting test: ObjectsReplicated
         ......................... LIOEHYPERV passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... LIOEHYPERV passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL replication
         problems may cause Group Policy problems.
         ......................... LIOEHYPERV failed test frsevent
      Starting test: kccevent
         ......................... LIOEHYPERV passed test kccevent
      Starting test: systemlog
         ......................... LIOEHYPERV passed test systemlog
      Starting test: VerifyReferences
         ......................... LIOEHYPERV passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : lio
      Starting test: CrossRefValidation
         ......................... lio passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... lio passed test CheckSDRefDom

   Running enterprise tests on : lio.local
      Starting test: Intersite
         ......................... lio.local passed test Intersite
      Starting test: FsmoCheck
         ......................... lio.local passed test FsmoCheck

C:\Program Files\Support Tools>
0
 
fireline1082Commented:


Yes, as I told you; you have replication issues

on these DCs :

1- LIOEDC

Evidence:
 Starting test: frssysvol
         ......................... LIOEDC passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL replication
         problems may cause Group Policy problems.


****
Note: SYSVOL replication is where all your GPOs setting replicated among DCs and other stuff
******


2-  LIOEHYPERV

Evidence:

Starting test: frssysvol
         ......................... LIOEHYPERV passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL replication
         problems may cause Group Policy problems.
         ......................... LIOEHYPERV failed test frsevent


*****
Note: same thing as above




To confirm this; login to any client PC where you see the GPO setting is not applied; and then run from command promot: > echo %logonserver%

You should get back the name of one of these 2 DCs. This command basically tell you the Domain controller that authenticates you during your login


To troubleshoot; there are many thing - but first let get the Event viewer of these two machines

can you please login to these two machines; and post here the warning or errors of "File Service Replication"

Thanks
0
 
yo_beeDirector of ITCommented:
Another question.  Does your old Intranet host server even exist on the network anymore?
0
 
Donald StewartNetwork AdministratorCommented:
The policy I pointed out is a group policy that you can apply to all computers at once, no need to go to each one.
0
 
LioElectronicAuthor Commented:
fireline1082:

We were suspicious about replication as well. Further investigation, we've found out the LIOEBAK is having problems replicating to LIOEDC and LIOEHYPERV  

In all 3 server we've found this log

"The File Replication Service is having trouble enabling replication from LIOEBAK to LIOEDC for c:\windows\sysvol\domain using the DNS name lioebak.lio.local. FRS will keep retrying.
 Following are some of the reasons you would see this warning. "

Using FRS Ultrasound also shows that LIOEBAK is having probelm with replication to other 2 domain controllers.
We've tested DNS and connectivity ..its all good so far. So I guess the easy way will be to remove this LIOEBAK from the domain, reinstall Win2003 and run dcpromo and what if the replication issue still happing.
Any thoughts ?
0
 
fireline1082Commented:
Hi LioElectronic,

for replication thing; Microsoft recommend to do these steps first:

1 checking FRS service
2- check netwrok connectivity
3- check DNS resolution
....etc

However, I have come to similar issue before and found good solution which works for me (note: it took me long time until I found this while searching)

It is nonauthoritative restore; However Microsoft recommend using this as last option but since you are willing to remove and re-install the DCs then consider trying this

This is the link
http://support.microsoft.com/kb/290762

You can read about D2, from the above link

go to both DCs with problem in replication and do this

To perform a nonauthoritative restore, stop the FRS service, configure the BurFlags registry key, and then restart the FRS service. To do so:

1- Click Start, and then click Run.
2- In the Open box, type cmd and then press ENTER.
3- In the Command box, type net stop ntfrs.
4- Click Start, and then click Run.
5- In the Open box, type regedit and then press ENTER.
Locate the following subkey in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
In the right pane, double-click BurFlags.
In the Edit DWORD Value dialog box, type D2 and then click OK.

6- Quit Registry Editor, and then switch to the Command box.
7- In the Command box, type net start ntfrs.
8- Quit the Command box.

This will re-initialize the replication with the other DCs and you should see the following after:

- When the FRS service restarts, the following actions occur:
- The value for BurFlags registry key returns to 0.
- Files in the reinitialized FRS folders are moved to a Pre-existing folder.
An event 13565 is logged to signal that a nonauthoritative restore is started.
The FRS database is rebuilt.
- The member performs an initial join of the replica set from an upstream partner or from the computer that is specified in the Replica Set Parent registry key if a parent has been specified for SYSVOL replica sets.
The reinitialized computer runs a full replication of the affected replica sets when the relevant replication schedule begins.
- When the process is complete, an event 13516 is logged to signal that FRS is operational. If the event is not logged, there is a problem with the FRS configuration.


Let me know if this works for you ; remeber to do this only on LIOEDC & LIOEHYPERV

Thanks
0
 
fireline1082Commented:
Hi LioElectronic,

Can we get your feedback and whether the problem is solved or not

Thanks
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 6
  • 4
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now