Solved

Event ID 1058, 1054, Active Directory domain errors

Posted on 2014-04-04
6
6,350 Views
Last Modified: 2014-05-28
I've got a fairly new client setup which has multiple offices, connected via MPLS to a domain controller, which resides on a VM in a datacenter a few states away. A couple of times a day, for most machines, I get event ID 1058, and 1054 in the logs. I can't for the life of me figure out why. There doesn't seem to be any actual issues. No problems logging on, from any of the locations. DCdiag is perfect. DNS is set correctly. Nslookup returns info as expected. No sharing issues or other access problems. Just these lingering events. If it wasn't for events in the log, there would be zero issues, and maybe there isn't, but I'd sure like to know what was causing them. Its similar to the issues in previous OS, where media sense on a nic would cause this, but I have disabled that on the workstations to no avail. Server OS is 2008 R2. All workstations are Windows 7 x64 pro.

The first Critical Blacklist Event found: Event ID - 1058 System log - Microsoft-Windows-GroupPolicy:  The processing of Group Policy failed. Windows attempted to read the file ******** from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
0
Comment
Question by:sdholden28
  • 4
6 Comments
 

Author Comment

by:sdholden28
ID: 39979166
I've run gpupdate countless times on a myriad of workstations, and have never received anything other than "Group Policy update processed successfully".
0
 

Author Comment

by:sdholden28
ID: 39979176
Zero reports of any network or internet outages at any of the locations, temporary or otherwise. Software that runs daily operations is in constant use and resides in the same datacenter as the DC, so network connection issues could not go unnoticed, no matter how intermittent.
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39979200
Hi,

Make sure that disable DFS is also reflecting in registery under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mup.

http://support.microsoft.com/kb/314494/en
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 

Author Comment

by:sdholden28
ID: 39979228
That link is for Windows XP. That registry key does not exist in Windows 7, at least in that location.
0
 
LVL 10

Accepted Solution

by:
Pramod Ubhe earned 500 total points
ID: 39982447
In the same error message, you should be able to see a long Unique ID of the GPO that is failing. You can match this ID in the GPO console (found on the details tab when you select a GPO in GPMC) or at this location - \\domainname.com\SYSVOL\Domainname.com\Policies

Once you trace the exact policy that is giving trouble, you can see what is causing it to fail. there might be permissions issues, replication issues or network latency or anything related to that particular GPO. You can use GPRESULT /R command to see what all GPOs are applied on a computer and set logonserver to see from where those GPOs are coming from.
0
 

Author Closing Comment

by:sdholden28
ID: 40096564
Turned out to be a replication issue. Thanks for the direction.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question