Group Policy Objects Not Being Processed by client PC.

I have a client PC which belongs to a specific GPO that I created.  When I use the client PC in question the restrictions I have applied are not in place.  I checked this PC's Event viewer and found the following errors.

Event Type:      Warning
Event Source:      DnsApi
Event Category:      None
Event ID:      11197
Date:            10/25/2011
Time:            1:40:59 PM
User:            N/A
Computer:      GROUPLEADER1
Description:
The system failed to update and remove host (A) resource records (RRs) for network adapter
with settings:

   Adapter Name : {DD28B727-5CE8-4D13-A150-56505757C4CF}
   Host Name : GroupLeader1
   Primary Domain Suffix : PLASTICSOLUTIONS.LOCAL
   DNS server list :
           192.168.1.55, 192.168.1.78
   Sent update to server : 192.1.1.1
   IP Address(es) :
     192.168.1.6

 The reason the update request failed was because of a system problem. For specific error code, see the record data displayed below.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 27 00 00               Q'..    


Event Type:      Warning
Event Source:      Dhcp
Event Category:      None
Event ID:      1003
Date:            10/25/2011
Time:            1:40:25 PM
User:            N/A
Computer:      GROUPLEADER1
Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00219B55DC03.  The following error occurred:
The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c7 04 00 00               Ç...    


Event Type:      Warning
Event Source:      Dhcp
Event Category:      None
Event ID:      1003
Date:            10/25/2011
Time:            1:40:57 PM
User:            N/A
Computer:      GROUPLEADER1
Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00219B55DC03.  The following error occurred:
The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 79 00 00 00               y...    


Event Type:      Warning
Event Source:      DnsApi
Event Category:      None
Event ID:      11197
Date:            10/27/2011
Time:            4:16:24 AM
User:            N/A
Computer:      GROUPLEADER1
Description:
The system failed to update and remove host (A) resource records (RRs) for network adapter
with settings:

   Adapter Name : {DD28B727-5CE8-4D13-A150-56505757C4CF}
   Host Name : GroupLeader1
   Primary Domain Suffix : PLASTICSOLUTIONS.LOCAL
   DNS server list :
           192.168.1.55, 192.168.1.78
   Sent update to server : 192.1.1.1
   IP Address(es) :
     192.168.1.6

 The reason the update request failed was because of a system problem. For specific error code, see the record data displayed below.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 27 00 00               Q'..    

Any ideas how to correct this issue?  Thanks
Steve EckermanSystems AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AcklesCommented:
You have problems getting IP from DHCP & DNS is also failing.
Did you change anything for network ?

Give it a reboot & see.
A
0
Steve EckermanSystems AdministratorAuthor Commented:
Are you saying to reboot the server or the client PC?
0
AcklesCommented:
Only the client PC.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Steve EckermanSystems AdministratorAuthor Commented:
Tried that several times and still do not see GPO being applied.
0
AcklesCommented:
Listen, you first have to isolate the issue of Client not getting IP, unless it's DNS is fine you can't set GPO.
Can you have a look at server if DHCP service is running?

A
0
AcklesCommented:
Can you please do ipconfig /all
& post the results here , run this on Client.

A
0
Steve EckermanSystems AdministratorAuthor Commented:
The DHCP Client and Server Services are running on the domain controller.  I will send ipconfig shortly.
0
Steve EckermanSystems AdministratorAuthor Commented:
Here is the ipconfig text. IPCONFIG.txt
0
AcklesCommented:
& u still see the same error in Event Log?
can you please run ipconfig /release & ipconfig /renew
A
0
Steve EckermanSystems AdministratorAuthor Commented:
Should I do a restart on the domain controller for the DHCP client and Server services?  I do not want to disrupt the network while people are working.  Please advise.  Thanks.
0
Steve EckermanSystems AdministratorAuthor Commented:
Checking now.  I will also perform the release and renew as well.
0
AcklesCommented:
I see your DHCP server is 78 & DNS is 55,  can you confirm this?
0
AcklesCommented:
Can you please explain your environment, like the what is your DC, where is DNS & where is DHCP?
0
AcklesCommented:
Just do one thing, go to the network card properties of client & give it a Static IP & then see if GPO applies?
A
0
Steve EckermanSystems AdministratorAuthor Commented:
What IP address should I use for the client.  Would my subnet mask be 255.255.255.0?  Should I use the domain servers IP address as the DNS address?  Sorry so many questions...networking is not my strong suit.
0
AcklesCommented:
Listen, go to network configuration of your DC. run ipconfig on it  & paste it here.
Is DC also having DNS?

A
0
Steve EckermanSystems AdministratorAuthor Commented:
The domain controller does run DNS.  Attached is the DC IPCONFIG.
DCIPCONFIG.txt
0
AcklesCommented:
Put this on client:
IP: 192.168.1.6
Subnet: 255.255.255.0
Gateway: 192.168.1.1
DNS: 192.168.1.55

Once this is done, try ping PSIDC1.PLASTICSOLUTIONS.LOCAL

Also can you confirm that the computer is joined to the Domain?
A
0
Steve EckermanSystems AdministratorAuthor Commented:
The computer is joined to the domain.  I plugged in the values you gave me for the client nic.  I rebooted and the GPO were still not applied.  I checked the event viewer and found these 2 events.


Event Type:      Error
Event Source:      AutoEnrollment
Event Category:      None
Event ID:      15
Date:            10/27/2011
Time:            9:54:36 AM
User:            N/A
Computer:      GROUPLEADER1
Description:
Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1054
Date:            10/27/2011
Time:            9:54:54 AM
User:            NT AUTHORITY\SYSTEM
Computer:      GROUPLEADER1
Description:
Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

I hope this is more help.
0
Steve EckermanSystems AdministratorAuthor Commented:
I was able to ping PSIDC1.PLASTICSOLUTION.LOCAL from the client PC.
0
AcklesCommented:
That is good, it seems you are on the same network now.
Put the computer to Workgroup & at the same time remove it from Domain (on DC)
On DC also see if you have any entries for your client (GroupLeader1) delete them.

Once you have done this, try to join the Client again to Domain.

Your error above is showing something is wrong as it can't find Domain.
This will be faster & clear check.

Also, you never mentioned what is the OS of your Client?

A
0
AcklesCommented:
On DC, you have to remove the GroupLeader1 from Active Directories in the OU where you have put it.

Also, please any entry for GroupLeader1 from DNS on DC.

BUT DO THIS AFTER YOU HAVE PUT THE CLIENT ON WORKGROUP ON CLIENT ITSELF.

A
0
Steve EckermanSystems AdministratorAuthor Commented:
So I will put them into the WORKGROUP.  Then come back to the server and delete their user profile from Active Directory.  Then re-create the user profile in Active Directory and then rejoin the client PC to the domain?
0
Steve EckermanSystems AdministratorAuthor Commented:
Client OS is XP Professional
0
AcklesCommented:
Hold on,you have to do nothing with User Profile.
You just delete computer entry from DC.
0
AcklesCommented:
Please also rename the computer to say Test when you put it in workgroup.
When you add computer again to domain rename it to GroupLeader1
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Steve EckermanSystems AdministratorAuthor Commented:
Thank you for your great answers and paitence!
0
AcklesCommented:
Glad it worked!!! I was worried as you didn't come back for long.
A
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.