Solved

Event Viewer system error

Posted on 2013-11-13
9
564 Views
Last Modified: 2013-11-17
I see this error message in Even Viewer under windows logs:

The processing of Group Policy failed. Windows attempted to read the file \\SanJoseFoothillFamilyComm.local\sysvol\SanJoseFoothillFamilyComm.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled
.

I already check a, b and c and all looks well, can someone help me whit this problem? It will be greatly appreciated. I’m willing to go as far as deleting all policies and start from scratch.
0
Comment
Question by:narce100
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
9 Comments
 
LVL 14

Expert Comment

by:BlueCompute
ID: 39646530
Hi narce100,

Indicates an issue with the default domain controller policy.  You can run gpresult /h C:\tests\gpresult.html  and also dcdiag >C:\tests\dcdiag.txt and post those here or look at the errors yourself.  Can you access the GPO in sysvol by going Start > Run > \\SanJoseFoothillFamilyComm.local\sysvol\SanJoseFoothillFamilyComm.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\  ?

Is this a single server setup or ?
0
 

Author Comment

by:narce100
ID: 39646670
I get an error when doing the run command (see attach.) I'm also posting the files for decdiag and gpresults. Thanks.
1.JPG
2.JPG
dcdiag.txt
0
 

Author Comment

by:narce100
ID: 39646673
Here's the other file
gpresult.html
gpresult.html
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39646773
Have you verified the policies folder in sysvol does the {6AC1786C-016F-11D2-945F-00C04fB984F9} guid folder exit.Check the permission on folder too.

You can also run group policy diagnosis tool to check the health of GPOhttp://support.microsoft.com/kb/940122

Also ensure correct dns setting on DC as this:http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

The dcdiag output is not executed with admin.Open the cmd as run as administrator and run dcdiag command to get correct output.Run gpupdate /force and check.

Ensure that netlogon and sysvol share is avaialble.Run net share command to verify the same.
0
 

Author Comment

by:narce100
ID: 39652175
{6AC1786C-016F-11D2-945F-00C04fB984F9} does not even exist (see attach). Do I have to rebuild sysvol?
1.JPG
0
 

Author Comment

by:narce100
ID: 39652320
Paragraph 2 applies only to Server 2003 and below
All compliant with paragraph 3
Here’s a notepad of dcdiag ran as administrator (see attach)
admindcdiag.txt
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
ID: 39652843
How many Dc you have in env.From the printscreen it is clear that both default domain policy and default domain controller policy is missing.If you have other DC verify the same location for missing quid and you can perfrom authorative and non authorative restore of sysvol assuming that guid folder is present on other DC.

) Normally for an Authoritative Restore you stop at NTFRS services on all DCs.
 2) Set burflags to D4 on a known good sysvol (or at this time restore sysvol data from backup then set burflags to D4) then start NTFRS on this server.  You may want to rename the old folders with .old extensions prior to restoring good data.
 3) Clean up the folders on all the remaining servers (Policies, Scripts, etc) - renamed them with .old extensions.
 4) Set burflags to D2 on all remaining servers and start NTFRS.
 5) Wait for FRS to replicate.
 6) Clean up the .old stuff if things look good.
 
This is probably what you need to do to get it back.Essentially the "http://support.microsoft.com/kb/290762/" article.
 
Kindly take the backup of the sysvol folder of all DC that is copy paste the content of the sysvol to temp location and perform the authorative and non authorative restore of sysvol as mentioned above.

If you have single DC then if you have old sysvol backup(folder) or systemstate backup of the server you can restore the sysvol folder to alternate location and copy the gui 6AC1786C-016F-11D2-945F-00C04fB984F9(default domain controller polciy) and 31B2F340-016D-11D2-945F-00C04FB984F9(default domain policy)  to sysvol folder.http://support.microsoft.com/kb/216359

In case if you dont have backup you need to run only dcgpofix /target:DC as this reset only default DC policy only if you run dcgpofix /target:Domain this will also rest domain policy which is required as default domain policy guid is also missing:http://technet.microsoft.com/en-us/library/hh875588.aspx

Note IMP:However not that after reseting the GPO only default setting will be available.More on dcgpofix refer KB:http://support.microsoft.com/kb/833783
 
Hope this helps
0
 

Author Comment

by:narce100
ID: 39655506
I've requested that this question be closed as follows:

Accepted answer: 0 points for narce100's comment #a39652320

for the following reason:

I followed your suggestions on the last post and it worked for me.
Thank you very much
0
 

Author Closing Comment

by:narce100
ID: 39655507
I followed your suggestions on the last post and it worked for me.
Thank you very much
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question