Event ID 1058, 1054, Active Directory domain errors

I've got a fairly new client setup which has multiple offices, connected via MPLS to a domain controller, which resides on a VM in a datacenter a few states away. A couple of times a day, for most machines, I get event ID 1058, and 1054 in the logs. I can't for the life of me figure out why. There doesn't seem to be any actual issues. No problems logging on, from any of the locations. DCdiag is perfect. DNS is set correctly. Nslookup returns info as expected. No sharing issues or other access problems. Just these lingering events. If it wasn't for events in the log, there would be zero issues, and maybe there isn't, but I'd sure like to know what was causing them. Its similar to the issues in previous OS, where media sense on a nic would cause this, but I have disabled that on the workstations to no avail. Server OS is 2008 R2. All workstations are Windows 7 x64 pro.

The first Critical Blacklist Event found: Event ID - 1058 System log - Microsoft-Windows-GroupPolicy:  The processing of Group Policy failed. Windows attempted to read the file ******** from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
sdholden28Asked:
Who is Participating?
 
Pramod UbheConnect With a Mentor Commented:
In the same error message, you should be able to see a long Unique ID of the GPO that is failing. You can match this ID in the GPO console (found on the details tab when you select a GPO in GPMC) or at this location - \\domainname.com\SYSVOL\Domainname.com\Policies

Once you trace the exact policy that is giving trouble, you can see what is causing it to fail. there might be permissions issues, replication issues or network latency or anything related to that particular GPO. You can use GPRESULT /R command to see what all GPOs are applied on a computer and set logonserver to see from where those GPOs are coming from.
0
 
sdholden28Author Commented:
I've run gpupdate countless times on a myriad of workstations, and have never received anything other than "Group Policy update processed successfully".
0
 
sdholden28Author Commented:
Zero reports of any network or internet outages at any of the locations, temporary or otherwise. Software that runs daily operations is in constant use and resides in the same datacenter as the DC, so network connection issues could not go unnoticed, no matter how intermittent.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Santosh GuptaCommented:
Hi,

Make sure that disable DFS is also reflecting in registery under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mup.

http://support.microsoft.com/kb/314494/en
0
 
sdholden28Author Commented:
That link is for Windows XP. That registry key does not exist in Windows 7, at least in that location.
0
 
sdholden28Author Commented:
Turned out to be a replication issue. Thanks for the direction.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.