Link to home
Start Free TrialLog in
Avatar of JReam
JReamFlag for United States of America

asked on

Domain Administrator account. C:\> GPRESULT /R we get ERROR: Access Denied. ??

We have a Win2008R2 server giving us a headache, just started the other day, after we ran a Windows Update.    Only One role on this server which is Remote Desktop Services.

We seem to now be a RESTRICTED user even though we are logging as the Domain Administrator.    

My 1st hint was when running C:\> GPRESULT /R    we get ERROR: Access Denied.  
The related rsop.mmc also fails also "Access Denied"
Other commands return "not enough space on the disk",
   such as trying to run  
C:\Windows\System32\wbem>mofcomp scersop.mof
Microsoft (R) MOF Compiler Version 6.3.9600.16384
Copyright (c) Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: scersop.mof
MOF file has been successfully parsed
Storing data in the repository...
An error occurred while opening the namespace for object 1 defined on lines 10 -  13:
Error Number: 0x80070070, Facility: Win32
Description: There is not enough space on the disk.
Compiler returned error 0x80070070

Open in new window


Lots of space 100+ GBs free on C:.   Somewhere the Computer is restricted.     I just can't figure how to narrow it down.  
All of the issues seem related.  I've seen on this for days,   I sure need some fresh ideas on how to fix.

Please share some clues !
ASKER CERTIFIED SOLUTION
Avatar of jmac44
jmac44
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of masnrock
masnrock
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of McKnife
McKnife
Flag of Germany image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of JReam
JReam
Flag of United States of America image

ASKER

KB3159398 was the CULPRIT which was installed on the AD controllers early last week.    That KB totally whacked our production RDS servers and every test and temporary RDS VM we tried at hello to the domain.      Extra nasty because once the GPOs were applied it caused the target RDS Machines to be hosed badly and permanently even if we later disjoined the domain.   We still don't know exactly what broke within the RDS machines.    What a headache.

Our fix was to:  
1)  Uninstall KB3159398 from all AD controllers
2)  Restore all RDS servers from backup.  

That KB3159398 wasted many days for us.  This KB should be used with extreme caution.   The Web Link to the KB documents shows quite a bunch of  stuff that you can get burned on, just like we did.   Danger danger.
Avatar of masnrock
masnrock
Flag of United States of America image
I think there's a lesson to be learned from this. Create a test environment to test out updates and changes before putting into production.
Avatar of JReam
JReam
Flag of United States of America image

ASKER

Thanks folks