Solved

Orphaned GPO issue

Posted on 2014-02-03
2
550 Views
Last Modified: 2014-02-03
All the sudden I have this type of messages cropping up in the event log:
GroupPolicy: 1058: The processing of Group Policy failed. Windows attempted to read the file \mydomain.local\SysVol\mydomain.local\Policies\{10A9F4FA-C707-4E92-9E91-53FDFC685107}\gpt.ini from a domain controller and was not successful. 
Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
 a) Name Resolution/Network Connectivity to the current domain controller.
 b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
c) The Distributed File System (DFS) client has been disabled. GroupPolicy: 1058: The processing of Group Policy failed. Windows attempted to read the file \mydomain.local\SysVol\mydomain.local\Policies\{10A9F4FA-C707-4E92-9E91-53FDFC685107}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved.

Open in new window


seems that so GPO is referenced in the AD but the actual GPO file is not present (not quite sure what has triggered this...).

I have run the FindOrphanedGPOs power-script from jhouseconsulting.com and it did indeed identify 4 orphaned GPOs:

Finding all orphaned Group Policy Objects (GPOs)...

Reading GPO information from Active Directory (CN=Policies,CN=System,DC=mydomain
,DC=local)...
Discovered 15 GPCs (Group Policy Containers) in Active Directory (CN=Policies,CN
=System,DC=mydomain,DC=local)

Reading GPO information from SYSVOL (\\mydomain.local\SYSVOL\mydomain.local\Poli
cies)...
Discovered 11 GPTs (Group Policy Templates) in SYSVOL (\\mydomain.local\SYSVOL\mydomain.local\Policies)

There are 0 GPTs in SYSVOL that don't exist in Active Directory (0.00 % of the t
otal)


There are 4 GPCs in Active Directory that don't exist in SYSVOL (26.67 % of the
total)
These are:
{10A9F4FA-C707-4E92-9E91-53FDFC685107}
{B5556118-5CBF-48AD-96E6-6CC121864261}
{D0FD14A4-C3D3-4FB3-A239-A4073EE365BE}
{DC1B4291-8306-4720-A21E-A7CD992E0E5A}

Open in new window


how do I locate the offending GPOs in the GPC admin console ?
0
Comment
Question by:atak2983
2 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 39829492
All of the GPO's have a unique SID associsted with it. You will need to reference that SID to the once that are missing.

- Open gpmc.msc
- go through the GPO's listed
- Click on the GPO's
- Click the details tab
- You will see Unique ID (this is what you will need to reference to)
seen screenshot below...
Unique ID
Will.
0
 
LVL 1

Author Closing Comment

by:atak2983
ID: 39829515
thanks - exactly what I was looking for.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Many people use more than one email account and so it becomes difficult for them to manage them when they use separate accounts,  so, in this article, I have shared an easy way to add Other Mail Accounts in your Google Inbox. It helps to combine all…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question