troubleshooting Question

Windows could not determine the computer account to enforce Group Policy settings, SBS 2003 SP2, WIndows 7 SP1 - Financial reward also offered!!

Avatar of Happy_Computing
Happy_ComputingFlag for United Kingdom of Great Britain and Northern Ireland asked on
Windows Server 2003SBSWindows 7
33 Comments1 Solution14259 ViewsLast Modified:
Hi all,

This is the first ever problem I have not been able to solve in my 15 years in IT and I have been working on this for 2 weeks, so I am willing to offer a financial reward to anyone that helps me solve the problem.  Reward will be based on time spent solving problem, but will be between £50 and £100.

I have setup 3 Windows 7 SP1 machines on a Small Business server 2003 Domain.
The server is NOT R2 and has SP2 installed.
The server also has all available updates installed manually, from the Microsoft update web site in case any were missed with windows update.

The end result will be to use Group Policy to allow Ping to the Windows 7 machines as well as apply a few simple Windows update setting and allow Spiceworks to connect and inventory the machines successfully.

The error I am getting is after running gpupdate /force is:

Updating Policy...

User Policy update has completed successfully.
Computer policy could not be updated successfully. The following errors were enc

The processing of Group Policy failed. Windows could not determine the computer
account to enforce Group Policy settings. This may be transient. Group Policy se
ttings, including computer configuration, will not be enforced for this computer

To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
rom the command line to access information about Group Policy results.

The event viewer on the local machine shows only once error in the system log: (I have changed the domain and computer names in the text below)

Log Name:      System
Source:        Microsoft-Windows-GroupPolicy
Date:          12/07/2011 01:09:46
Event ID:      1097
Task Category: None
Level:         Error
User:          SYSTEM
Computer:      COMPUTER.domain.local
The processing of Group Policy failed. Windows could not determine the computer account to enforce Group Policy settings. This may be transient. Group Policy settings, including computer configuration, will not be enforced for this computer.
Event Xml:
<Event xmlns="">
    <Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" />
    <TimeCreated SystemTime="2011-07-12T00:09:46.398333000Z" />
    <Correlation ActivityID="{7606E34A-5028-4E77-AC76-126A1E9C6766}" />
    <Execution ProcessID="112" ThreadID="2316" />
    <Security UserID="S-1-5-18" />
    <Data Name="SupportInfo1">5</Data>
    <Data Name="SupportInfo2">256</Data>
    <Data Name="ProcessingMode">0</Data>
    <Data Name="ProcessingTimeInMilliseconds">702</Data>
    <Data Name="ErrorCode">11004</Data>
    <Data Name="ErrorDescription">The requested name is valid, but no data of the requested type was found. </Data>
    <Data Name="DCName">\\SERVER.DOMAIN.local</Data>

I have tried the following:

Installing Remote Server Administration Tools for Windows 7 with Service Pack 1 (SP1) on a Windows 7 PC and updating the Group Policy from there. - Same Error.

Creating a new OU for Windows 7 computers, blocking inheritance, disabling the default domain policy and blocking inheritance and making sure (as far as I can tell) that no GP is being applied to the machines. - Still the same error.

Creating a PolicyDefinitions folder on the server under %WINDIR%\SYSVOL\domain\Policies\ and copying the ADMX and ADML files to this location from the Windows 7 PC. - Didn't help.

I have also made sure the DNS is working via NSlookup and pings with -a.

The time on the PC's and servers is exactly the same and the server is the time server for the Windows 7 machines.

Two of the PC's are from an identical image that I created and deployed using Acronis Snap Deploy Trial.  (This software has loads of issues, but after a bit of experimenting sort of worked)

I also get the same problem on a PC that was loaded from scratch using the Windows 7 SP1 OEM DVD and has not been touched with Acronis or Sysprep etc.

All computers have the latest updates installed.

The network is definitely not the problem and I have tried with all firewalls turned off and with user account control turned off.

Please let me know if you can help me as I REALLY need to get this sorted ASAP now.

Thanks in advance.



Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 33 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 33 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros