GP errors

Posted on 2012-04-10
Last Modified: 2012-07-21
I seem to be having issue with some of our servers within our domiain generating these errors on a regular basis:

Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=ldc,DC=*domainname*,DC=co,DC=uk. The file must be present at the location <\\*DOMAINNAME*\sysvol\*DOMAINNAME*\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (The format of the specified network name is invalid. ). Group Policy processing aborted.

and then we would recieve the error:

Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

We have recently added 2 new windows server 2008 R2 Domain controllers to the domain using forest functional level of Windows server 2003.

Does anyone know a way I can stop these errors from being generated.

Question by:ccfcfc
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
  • 2
LVL 10

Expert Comment

ID: 37827172
Is this the DC in which FRS service is running and you are getting the errors?

Upload "repadmin /showrepl dc* /verbose /all /intersite >c:\replication.txt"

And also

dcdiag /v /c /d /e /s:dcname >c:\dcdiag.txt
LVL 59

Expert Comment

by:Darius Ghassem
ID: 37827567
Post a plain dcdiag without switches. Seems like the Windows 2008 Server aren't fully replicated which we can fix pretty easy but I need to make sure that is the problem

Author Comment

ID: 37828142
here you go

see attached

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 59

Expert Comment

by:Darius Ghassem
ID: 37828159
Check your DNS settings you should be only pointing to internal DNS servers only in the TCP\IP properties
LVL 10

Expert Comment

ID: 37828378
Check the Primary DNS servers configured .  Point it to local host and to the Secondary DNS server to the  nearest available DC .

Author Comment

ID: 37831492
We seem to be getting entries in a few member servers in the domain with the following :-

Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},
CN=Policies,CN=System,DC=ldc,DC=intamac,DC=co,DC=uk. The file must be present at the
location <\\\sysvol\\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>.
(The format of the specified network name is invalid. ). Group Policy processing aborted.

Source: userenv
EventID : 1058
Type error
LVL 59

Expert Comment

by:Darius Ghassem
ID: 37832486
Please post ipconfig /all

Are these happening on all clients or servers?

Author Comment

ID: 37832521
here you go:

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\*******>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : LDC-DC-01
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . :

Ethernet adapter NIC Team 1:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : BASP Virtual Adapt
   Physical Address. . . . . . . . . : 00-19-B9-EE-48-1F
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . :
   Subnet Mask . . . . . . . . . . . :
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . :

C:\Documents and Settings\*(((****>

No this network only hosts servers and NO workstations.


Author Comment

ID: 37833109
These errors are only happening on a few member servers in the domain
LVL 59

Expert Comment

by:Darius Ghassem
ID: 37833893
Have you run dfsutil /purgemupcache

Author Comment

ID: 37923341
IT seems possibly that a "non microsoft" service is the issue so, running "start msconfig" and disabling these services and waitng to see if GP repliactions occurs.
Problem then is, working out what services is creating the problem.

Author Comment

ID: 38182390
I've requested that this question be closed as follows:

Accepted answer: 0 points for ccfcfc's comment #37923341

for the following reason:

no other solution has been found.

Accepted Solution

ccfcfc earned 0 total points
ID: 38189763
All it seems after long discussions with Microsoft and our Anti-Virus provider, Kaspersky, we seem to have found the solution.

It seems that the the Primary DC was the only server which was having the issue with the group policy as other servers which was using the secondary DC on our network were all downloading the group policy OK. Also the affected clients, I moved over to the secondary server, and seems to be working OK.

Therefore having a look at the config, our primary DC has Symatec Endpoint Installed and running which i believe is causing the issue as the secodnary DC has Kaspersky Endpoint installed and works fine. Removed AV and seems to be working OK again.

Author Closing Comment

ID: 38209868
This is the solution after many investigations with Kaspersky and Microsoft.

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question