<div>
If you have valid sysvol backup the restore the folder named {6AC1786C-016F-11D2-945F-00C04fB984F9} to C:\windows\sysvol\domain.local\policies to same location 
 
How many DC's do you have ? 
If only one then follow above method 
If multiple then check other DC's sysvol folders if above folder stored on anyother DC if yes then copy the same to culprit server
</div>

<div>
hmm... 
 
Having two DC (PDC and BDC). 
 
Actually both have the &quot;missing&quot; folder in SYSVOL and it does contains a GPT.INI file... 
 
Strange...
</div>

<div>
restore from backup 
 
BTW GPT.ini file reside under GUID folder if the GUID folder is missing then you won't get gpt.ini too..where are you looking at can you provide the path...... also let me know how many GPO's you have configured and how many GUID folders you can see?
</div>

<div>
I have 3 GPOs and 3 GUID folders: 

<pre><code class="code-10 nolinks" id="code-20-38749219-1">C:\WINDOWS\SYSVOL\domain\Policies&gt;dir
 Le volume dans le lecteur C s'appelle PDC-System
 Le numéro de série du volume est CC56-7B44

 Répertoire de C:\WINDOWS\SYSVOL\domain\Policies

06.01.2013 22:31 &lt;REP&gt; .
06.01.2013 22:31 &lt;REP&gt; ..
02.07.2006 22:28 &lt;REP&gt; {31B2F340-016D-11D2-945F-00C04FB984F9}
02.07.2006 20:26 &lt;REP&gt; {6AC1786C-016F-11D2-945F-00C04fB984F9}
06.01.2013 13:06 &lt;REP&gt; {DB7AC36A-A2C6-4937-B8F4-43F4D0F752A4}
 0 fichier(s) 0 octets
 5 Rép(s) 33'718'280'192 octets libres

C:\WINDOWS\SYSVOL\domain\Policies&gt;
</code></pre>
Note the presence of the supposedly missing GUID... 
 
The bad news is that it seems that this issue is not new and that there is no readily available valid backup for this folder. Will have to dig into offsite archived tapes... Is there any alternative here (I'm happy to ditch that GPO and restart from scratch) ?
</div>

<div>
{31B2F340-016D-11D2-945F-00C04FB984F9} 
{6AC1786C-016F-11D2-945F-00C04fB984F9} 
 
Above two folders represents Default Domain policy and default Domain controllers policy and can be recreated with default settings .....using dcgpofix ...as a last sort 
 
Do you have any events in File replication logs I would ask you first perform authoritative restore using below steps if it resolves your issue then its good ...if it doesn't then just run dcgpofix from command line and your DDP and DDCP will be created with default settings 
 
 
Restore steps:- 
 
first check that you have proper Connection objects has been created in Sites and Services 
 
Browse \\WorkingDC.domain.local copy sysvol &amp;&nbsp;netlogon and keep backup on ProblemDC &amp;&nbsp; WorkingDC (If can not browse check network connectivity/Port and don't proceed further) 
 
Go to PDC &nbsp;stop NTFRS service open regedit and go to &quot;HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup&quot; change the burflag value to D4 Start NTFRS(File Replication service) service and wait for File Replication event ID 13516 now Go to BDC &nbsp;stop NTFRS service open regedit go to &quot;HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at &lt;samp&gt;Startup&quot; change the burflag value to D2 -&gt; Start NTFRS(File Replication service) service and wait for File Replication event ID 13516 now 
 
Check Now your sysvol and netlogon shares are available 
 
Above is called Authoritive(D4) and non-Authoritive Restore (D2) 
 
Refer <a href="http://support.microsoft.com/kb/257338" rel="ugc">http://support.microsoft.com/kb/257338</a>&nbsp;for more info
</div>

<div>
Thanks - learning more than I expected on NTFRS. 
 
I have decided to go nuclear and to use dcgpofix. However it wont work... 
 

<pre><code class="code-10 nolinks" id="code-20-38749267-1">AVERTISSEMENT : VOUS PERDREZ TOUTES LES MODIFICATIONS QUE VOUS AVEZ APPORTÉES À
CES OBJETS DE STRATÉGIE DE GROUPE. CET UTILITAIRE
S'UTILISE UNIQUEMENT À DES FINS DE RÉCUPÉRATION EN CAS D'URGENCE.

Vous êtes sur le point de restaurer la stratégie de domaine par défaut et la st
atégie par défaut des contrôleurs de domaine du domaine suivant
domain.local
Voulez-vous continuer: &lt;O/N&gt;? o
AVERTISSEMENT : Cette opération remplacera toutes les &quot;attributions de droits u
ilisateur&quot; exécutées dans les objets de stratégie de groupe choisis. Cela peut
ntraîner l'échec de certaines applications serveur. Voulez-vous continuer: &lt;O/N
? O
Impossible d'ouvrir l'objet Active Directory LDAP://CN={31B2F340-016D-11D2-945F
00C04FB984F9},CN=Policies,CN=System,DC=domain,DC=local
La restauration a échoué. Consultez les messages précédents pour obtenir plus de
 détails

C:\WINDOWS\SYSVOL\domain\Policies&gt;
</code></pre>
Not happy with the Default Domain policy apparently (can't open object {31B2F340-016D-11D2-945F00C04FB984F9}) ... 
 
Any idea ?
</div>

<div>
I finally managed to repair my AD by recreating some missing entries manually. Fortunately I had another very similar setup so I could infer the values to enter from it.
</div>

<div>
<div class="content wysiwyg-content">
Hi 
 
W2k3 server problem at login - apparently there is something wrong with the GPOs (missing one or more GPO objects) 
 
(sorry the server in in French locale but I'm sure you get the gist of it 

<pre><code class="code-10 nolinks" id="code-10-27986412-1">Type de l'événement :	Erreur
Source de l'événement :	Userenv
Catégorie de l'événement :	Aucun
ID de l'événement :	1058
Date :		06.01.2013
Heure :		19:08:06
Utilisateur :	AUTORITE NT\SYSTEM
Ordinateur :	MY-PDC
Description :
Windows ne peut pas accéder au fichier gpt.ini pour l'objet Stratégie de groupes CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=mydomain,DC=local. Le fichier doit être présent à l'emplacement &lt;\\mydomain.local\sysvol\mydomain.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini&gt;. (Le fichier spécifié est introuvable. ). Le traitement de la stratégie de groupe est interrompu
</code></pre>
Basically it would seem some of the gpt.ini files are missing and as such the processing of the GPO can not take place. 
My question is what is the best way to solve this ? I can't really locate the offending GPO in the the MMC editor as far as I can tell....
</div>
</div>

Hi

W2k3 server problem at login - apparently there is something wrong with the GPOs (missing one or more GPO objects)

(sorry the server in in French locale but I'm sure you get the gist of it
(CODE)
Basically it would seem some of the gpt.ini files are missing and as such the processing of the GPO can not take place. 
My question is what is the best way to solve this ? I can't really locate the offending GPO in the the MMC editor as far as I can tell....

GPO object missing - how do I clean up ?

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).