Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Group Policy error on Windows7 client attached to SBS 2003R server / DC

Posted on 2011-10-12
Medium Priority
Last Modified: 2012-05-12
Something has happened to one of the Windows7 clients on my business network, controlled by an SBS 2003 R2 domain controller. No user can print and my Administrator can't successfully run "mstsc /v:servername /admin". Symanted Endpoint Client can't synchronise with Symantec Protection Centre (which is on the SBS) but I users can acess the intra and internet and Email works fine.

Running "gpupdate /force" generates the following error.

The major difference between the computer with this problem and the rest of the clients is that they are all identical HP desktops and this particular client is my only high power workstation (which is business critical!).

Any help gratefully received.

From the event log...

The processing of Group Policy failed. Windows could not evaluate the Windows Management Instrumentation (WMI) filter for the Group Policy object CN={8A63E61B-F255-424D-88D7-4D984C213992},CN=Policies,CN=System,DC=HomeNet,DC=local. This could be caused by RSOP being disabled  or Windows Management Instrumentation (WMI) service being disabled, stopped, or other WMI errors. Make sure the WMI service is started and the startup type is set to automatic. New Group Policy objects or settings will not process until this event has been resolved.

From event log the details for this are...


  - Provider

   [ Name]  Microsoft-Windows-GroupPolicy
   [ Guid]  {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
   EventID 1065
   Version 0
   Level 2
   Task 0
   Opcode 1
   Keywords 0x8000000000000000
  - TimeCreated

   [ SystemTime]  2011-10-12T17:34:03.528320300Z
   EventRecordID 21183
  - Correlation

   [ ActivityID]  {0E7F5C6E-DD77-47E7-AE76-B236144DA0CE}
  - Execution

   [ ProcessID]  1524
   [ ThreadID]  2644
   Channel System
   Computer Jupiter.HomeNet.local
  - Security

   [ UserID]  S-1-5-21-1043698462-2783909157-1450187183-1151

- EventData

  SupportInfo1 4
  SupportInfo2 631
  ProcessingMode 1
  ProcessingTimeInMilliseconds 1141
  ErrorCode 2147749890
  DCName \\saturn.HomeNet.local
  GPOCNName CN={8A63E61B-F255-424D-88D7-4D984C213992},CN=Policies,CN=System,DC=HomeNet,DC=local
Question by:MarcusN
  • 5
  • 4

Author Comment

ID: 36960588
I forgot to mention that I have a single OU and that the workstation with the problem is listed in the same place as all the other computers on the network.
LVL 29

Expert Comment

by:Michael Pfister
ID: 36961515

Author Comment

ID: 36962450
I have run winmgmt /verifyrepository, as the link suggests, and the WMI repository on the Windows7 client is "consistent".

I've also run the command on other Windows7 clients and they also are consistent.

This command does not work on the SBS 2003 R2 server. Do I need to check consistency on the server to resolve issues with this particular client machine?

Is there any way that simply deleting the group policy will allow me to run a successful gpuodate ?
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 29

Accepted Solution

Michael Pfister earned 1500 total points
ID: 36962885
I believe its a client problem, the command won't run on XP/Windows 2003.

First determine which poicy is causing the problem: open a command prompt on your server and run

dsquery * dc=your,dc=domain -filter
"&(objectClass=groupPolicyContainer)(name={8A63E61B-F255-424D-88D7-4D984C213992})" -attr displayname

This woud display the name of the failing policy.
Then open the Group Policy Management console and locate this policy. Look at the WMI filter part. Maybe you can paste the content of the filter here

LVL 29

Expert Comment

by:Michael Pfister
ID: 36962890
I'd rather not delete the policy without knowing what it does, especially in a SBS environment.

Author Comment

ID: 36963088
OK, I found the policy in GPMC. It had a WMI filter on it which was "PreSP2" which I presume relates to XP pre Service Pack 2. I have no XP clients any longer. So, I set the filter to <none> and re-ran gpupdate on the client.

I received an error for a different policy and found that one which also had a WMI filter which was "SP2" and I also set that to <none> and ran gpupdate again. This time there was another error and it too had a WMI filter which was "Vista" which I also set to <none>.

Now when I run gpupdate /force the update is successful. All the filters related to Windows Firewall and, as I use ISA firewall, and that's working well, I didn't worry too much about resetting these WMI filters. (Perhaps that's wrong...)

However, the problem I need to fix (I can't access a network printer and I can't mstsc to the server or anything else and my SEP client is not functioning properly) persists still. I seem to have dealt with some GPO and WMI matters but not solved the problem that I wanted to.

Author Comment

ID: 36999389
The problem was a conflict between Symantec Endpoint Protection and PCTools Spyware Doctor (I routinely ran 2 spyware/malware programmes in the past without any problem).

The GPO in Windows7 is configured differently from those in XP and I can't run both of these applications simultaneously.

I chose to uninstall Spyware Doctor and all is now fine.

Author Closing Comment

ID: 36999395
The problem needed to be resolved by trial and error but the GPO did highlight the conflict between applications.
LVL 29

Expert Comment

by:Michael Pfister
ID: 36999535
The problem now is, the poilcies designed for Vista/Windows XP now get applied to Windows 7. If you do not have any XP/Vista clients, rather disable the erroring GPOs. I still wonder why the WMI filter doesn't work on WIn 7....

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Exchange database can often fail to mount thereby halting the work of all users connected to it. Finding out why database isn’t mounting is crucial and getting the server back online. Stellar Phoenix Mailbox Exchange Recovery is a champion product t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question