Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Domain controllers problem replicating GPO

Posted on 2015-01-02
7
Medium Priority
?
136 Views
Last Modified: 2015-01-23
Hello and happy new year to everyone,


I have an onpremise installation of 2 Windows 2012 R2 Domain controllers. About a month ago a failure of DC01 force us to destroy the server migrate all FSMO roles to DC02 and make it primary domain controller. We then create a new server and add it as an addional domain controller.

Problem is that the new server cannot replicate the GPO . Objects in active directory users and computers are ok. Only the GPO objects are missing.

In event viewer i see errors with id 1058 , .
.
The processing of Group Policy failed. Windows attempted to read the file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.


DFSR Service is running . In event viewer there are some minor errors that the replication service is stopping communication with the primary domain controller due to an error and after that an information that the replication service successfully established an inbount connection.

From primary domain controller if i try to open the sysvol share i take a network error . The oposite works fine.

Any help please ?

Thanks
0
Comment
Question by:Anestis Psomas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40527705
I suggest you do the following:

1.  Run DCDIAG on both DCs and post results
2.  Download AD Best Practice Analyzer from MS and run it
3.  Check both DCs and post errors you are getting
0
 

Author Comment

by:Anestis Psomas
ID: 40527872
Here are the results ,

1. DC DIAG Results - DC02 ( It has all roles)

Performing initial setup:
   Trying to find home server...
   Home Server = DC02
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DC02
      Starting test: Connectivity
         ......................... DC02 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DC02
      Starting test: Advertising
         ......................... DC02 passed test Advertising
      Starting test: FrsEvent
         ......................... DC02 passed test FrsEvent
      Starting test: DFSREvent
         ......................... DC02 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... DC02 passed test SysVolCheck
      Starting test: KccEvent
         ......................... DC02 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... DC02 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... DC02 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... DC02 passed test NCSecDesc
      Starting test: NetLogons
         [DC02] User credentials does not have permission to perform this
         operation.
         The account used for this test must have network logon privileges
         for this machine's domain.
         ......................... DC02 failed test NetLogons
      Starting test: ObjectsReplicated
         ......................... DC02 passed test ObjectsReplicated
      Starting test: Replications
         [Replications Check,DC02] DsReplicaGetInfo(PENDING_OPS, NULL) failed,
         error 0x2105 "Replication access was denied."
         ......................... DC02 failed test Replications
      Starting test: RidManager
         ......................... DC02 passed test RidManager
      Starting test: Services
            Could not open NTDS Service on DC02, error 0x5 "Access is denied."
         ......................... DC02 failed test Services
      Starting test: SystemLog
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   15:50:50
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   15:55:51
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:00:51
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:05:52
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:10:53
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:15:53
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:20:54
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:25:55
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:30:56
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:35:57
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:40:58
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:43:19
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         ......................... DC02 failed test SystemLog
      Starting test: VerifyReferences
         ......................... DC02 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : interworkscloud
      Starting test: CheckSDRefDom
         ......................... interworkscloud passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... interworkscloud passed test
         CrossRefValidation

   Running enterprise tests on : interworkscloud.net
      Starting test: LocatorCheck
         ......................... interworkscloud.net passed test LocatorCheck
      Starting test: Intersite
         ......................... interworkscloud.net passed test Intersite


2. DC DIAG Results - DC01 ( It is the new secondary domain controller )

C:\Windows\system32>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = dc01
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DC01
      Starting test: Connectivity
         ......................... DC01 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DC01
      Starting test: Advertising
         Warning: DsGetDcName returned information for
         \\DC02.interworkscloud.net, when we were trying to reach DC01.
         SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
         ......................... DC01 failed test Advertising
      Starting test: FrsEvent
         ......................... DC01 passed test FrsEvent
      Starting test: DFSREvent
         ......................... DC01 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... DC01 passed test SysVolCheck
      Starting test: KccEvent
         ......................... DC01 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... DC01 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... DC01 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... DC01 passed test NCSecDesc
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\DC01\netlogon)
         [DC01] An net use or LsaPolicy operation failed with error 67,
         The network name cannot be found..
         ......................... DC01 failed test NetLogons
      Starting test: ObjectsReplicated
         ......................... DC01 passed test ObjectsReplicated
      Starting test: Replications
         ......................... DC01 passed test Replications
      Starting test: RidManager
         ......................... DC01 passed test RidManager
      Starting test: Services
         ......................... DC01 passed test Services
      Starting test: SystemLog
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   15:53:53
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   15:58:53
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:03:54
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:08:55
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:13:56
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:18:57
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:23:57
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:28:58
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:33:59
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:38:59
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:43:45
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 01/02/2015   16:48:45
            Event String:
            The processing of Group Policy failed. Windows attempted to read the
 file \\interworkscloud.net\SysVol\interworkscloud.net\Policies\{B31333BD-D594-4
E6D-A19F-B72F7F45FB47}\gpt.ini from a domain controller and was not successful.
Group Policy settings may not be applied until this event is resolved. This issu
e may be transient and could be caused by one or more of the following:
         ......................... DC01 failed test SystemLog
      Starting test: VerifyReferences
         ......................... DC01 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : interworkscloud
      Starting test: CheckSDRefDom
         ......................... interworkscloud passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... interworkscloud passed test
         CrossRefValidation

   Running enterprise tests on : interworkscloud.net
      Starting test: LocatorCheck
         ......................... interworkscloud.net passed test LocatorCheck
      Starting test: Intersite
         ......................... interworkscloud.net passed test Intersite



Thanks.
0
 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 40528657
check the dns settings for dc01 and dc02 also permissions may be incorrect
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:Anestis Psomas
ID: 40528666
Hello ,

DNS Settings are OK . About permissions , Is there some spesific ntfs security permissions for the sysvol folder ?

Thanks
0
 
LVL 20

Expert Comment

by:compdigit44
ID: 40529383
This is the part the concerns me from your original question: "failure of DC01 force us to destroy the server migrate all FSMO roles to DC02 and make it primary domain controller."

Was the server properly decommissioned? If not you needed to do a meta data clean up..

For right now are all FSMO rolls on DC02 if so you could try to demote DC01.. wait run Dcdiag and make sure all is well then try to promote dc01 again
0
 

Author Comment

by:Anestis Psomas
ID: 40529530
Hello ,

The server was decommissioned properly according to Microsoft Guides when you have a server that cannot boot up properly.

If i cannot find a solution to my problem then i thing the demoting and promoting of DC01 is the best way .

Maybe someone else have another idea ...
0
 
LVL 20

Accepted Solution

by:
compdigit44 earned 1500 total points
ID: 40529568
Right now demoting DC01 would be your best option...
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question