Unable to edit GPO
Posted on 2011-10-13
On a 32 bit SBS 2003 server running as a domain controller I get the following error when attempting to edit the domain policy gpo; "Failed to open the group policy object, you may not have sufficient rights." Under details I get, "The data is invalid." This is happening for at least two users, one the built in administrator account and another admin account, both members of the Enterprise admin group. Event viewer shows massive numbers of 1085 and 1096 errors, both at the corresponding times and not. The 1085 errors are in relation to Internet Explorer Zonemapping, the 1096 Reads "Windows cannot access the registry policy file." and points to the machine\registry.pol file as containing invalid data. At this point the GPO cannot be edited from anywhere.