Solved

GPO - Error "Due to the GP Core failure"

Posted on 2013-05-21
10
1,615 Views
Last Modified: 2013-12-11
I have an issue it seems after I added a second DC in a different Location/ different subnet/IP

So now some of my users are not getting GPO's pushed to them

I have attached a screen shot and an output of dcdiag
Capture.PNG
aztc-dcdiag.txt
0
Comment
Question by:Travis Hahn
10 Comments
 

Author Comment

by:Travis Hahn
ID: 39185045
I have also attached GPRESULT
gpresult.txt
0
 

Author Comment

by:Travis Hahn
ID: 39187996
I have made some Changes and this is what I have now:

User policy could not be updated successfully. The following errors were encoun
ered:

The processing of Group Policy failed. Windows attempted to read the file \\azt
adeco.com\SysVol\aztradeco.com\Policies\{7DFE7774-7809-434B-B5EB-8752634B1A65}\
pt.ini from a domain controller and was not successful. Group Policy settings m
y not be applied until this event is resolved. This issue may be transient and
ould be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controlle
 has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
Computer policy could not be updated successfully. The following errors were en
ountered:

The processing of Group Policy failed. Windows could not authenticate to the Ac
ive Directory service on a domain controller. (LDAP Bind function call failed).
Look in the details tab for error code and description.

To diagnose the failure, review the event log or run GPRESULT /H GPReport.html
rom the command line to access information about Group Policy results.
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 39188264
Your dcdiag output appears to only include the DNS tests.  Can you run a general dcdiag and post that output?  Also, what happens if you try to manually access \\aztradeco.com\sysvol from a machine that's unable to process Group Policy?
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:Travis Hahn
ID: 39188513
I have included the two DC's dcdiag tests.  

AZTC-DC is Primary Running Server 2008 R2- 88.11 IP
AZTC-DC2 is Secondary Running Server 2012 66.11 IP

From a client I can reach \\aztradeco.com\sysvol


It also seems like the client (who is in the 88.11 network) is not getting the 66.11 secondary DNS - Ipconfig only showed the one.

I also just ran DFsrdiag pollad and my 2008 ran no errors, but the 2012 server returned an error:  Access is denied when connecting to WMI services on computer: AZTC-DC2
aztc-dc-dcdiag.txt
aztc-dc2-dcdiag.txt
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 39192361
This usually comes from a GROUP POLICY INCOMPATIBILITY:

I wrote an article about this and published it on EE:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/A_6393-Group-Policy-Compatibility.html

Please critique my article. I like constructive criticism.
0
 

Accepted Solution

by:
Travis Hahn earned 0 total points
ID: 39194426
I have solved the Issue.  It was related to a dfsr database corrupt - I had ro run a command to start the rebuild

wmic /namespace:\\root\microsoftdfs path dfsrVolumeConfig where volumeGuid="043E6D5E-EE88-11E1-93E8-806E6F6E6963" call ResumeReplication
0
 

Author Closing Comment

by:Travis Hahn
ID: 39203927
No other comments were given for resolution
0
 

Expert Comment

by:rmartes
ID: 39710958
Hello jtobak..

I have the same issue.. and would like to run the same command but do not find the path on my server.  How would I go running the command on my server.  I have a win2k8r2.
0
 

Author Comment

by:Travis Hahn
ID: 39711435
I believe I used Powershell
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question