Event ID 1096 How to resolve it?

The processing of Group Policy failed. Windows attempted to read the file \\DOMAIN NAME\sysvol\DOMAIN NAME\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
Nikhil CandySystem & Network AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Is the gpo supposed to apply?
Check the GPO to make sure it has no errors that prevented its writeout .

In gpmc make sure the ad and sysvol counters for user and computer entries are the same.

If eithe user or computer have different counters for ad vs sysvol, it would suggest an error in the respective GPO section.
0
Abhi PappiTechnical Lead - Network SupportCommented:
Hi,

Its the "Default domain policy" (31B2F340-016D-11D2-945F-00C04FB984F9)...

1) Are you getting this error on the DC?
2) How many Dcs are in the network? Are you getting the same error on all DCs? Is the replication between the DCs correct?
3) When did you start getting this error?
4) Check the permission of the gpt.ini
5) Check “TCP/IP Netbios Helper” service is started and set to automatic.
6) Check if there any dns issue? (RUN this on the DC dcdiag /test:dns).
7) If DNS and, AD replication and File replication is working fine, reboot the DCs first and check before going further.

Thanks,
0
Nikhil CandySystem & Network AdministratorAuthor Commented:
Dear Abhi

I have applied your suggestions & done as per your guidance but it's still not working .please help me out from these issues   Answer of your question as per given below..

1) Are you getting this error on the DC? :-yes right now we have only 1 DC
2) How many Dcs are in the network? Are you getting the same error on all DCs? Is the replication between the DCs correct?:- only 1 DC in my Domain
3) When did you start getting this error?: 60 days ago...I'm tried to fix but unfortunately unsuccessful in all attempt
4) Check the permission of the gpt.ini:-set Everyone permission to Hidden GroupPolicy folder
5) Check “TCP/IP Netbios Helper” service is started and set to automatic.:-running
6) Check if there any dns issue? (RUN this on the DC dcdiag /test:dns).:-Succeed
7) If DNS and, AD replication and File replication is working fine, reboot the DCs first and check before going further.

Thanks,
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

Abhi PappiTechnical Lead - Network SupportCommented:
Hi,

Seems like the sysvol share is corrupted. Could you check the below:-

1) Check if SYSVOL and NETLOGON share exists on the server? Run the command "net share" ..... You can output this to a text file (net share > share.txt) and refer the text file to find.

2) Check which file replication is using (FRS or DFS)? --> Refer:-http://www.itprocentral.com/how-to-identify-the-replication-technology-in-use-by-active-directory/

3) Can you provide me the error messages you are seeing in the File replication  or DFS EVENTLOGS?

4) Take a backup of the SYSVOL (C:\Windows\SYSVOL) folder (as a best practice) before performing any further tasks.

5) Do you have any valid backup before the time of the issue? Atleast the SYSVOL folder, in case if it had corrupted and not present now?

I hope you have to refer the article (https://community.spiceworks.com/topic/1892613-event-id-4012-failed-sysvol-replication-on-a-standalone-dc) to fix the SYSVOL replication issue, if you verify the SYSVOL is broken and it is using DFS as the file replication method.

Let me know the results and I will check further...

Thanks,
0
Nikhil CandySystem & Network AdministratorAuthor Commented:
Dear Abhi

1.According to you last suggestions, i have done changes & verifications on my DC.there I can see my Netlogon&Sysvol folders are already shares
2. By running the ADSIdit.msc successfully checked whether replication running or not .Replication is running on my DC__ CN=DFSR-GlobalSetting > "msDFSR-flags   48" all set .ADSIdit.msc snap shot
3.here is the snap of my DFS eventlogs DFSreplication-snap.PNG4.I have no any previous backup but right now i takes the backup of my sysvol folder

Thanks for Your Responce
0
Abhi PappiTechnical Lead - Network SupportCommented:
Thanks for that.

So its DFS replication.

Still I was wondering if you are getting any errors related to a journal wrap in the DFS Replication event logs (Journal Wrap Event ID:-13568 or something like that)?  (Filter event logs with errors and warning). Its all depends on the exact event ID error messages you are receiving on the server, to find what exact issue it is. Worth putting some latest error events (DFS Replication) showing on the server here...

ONLY IF YOU SEE THE JOURNAL WRAP ERROR, you have to perform the "How to perform a non-authoritative synchronization of DFSR-replicated SYSVOL (like "D2" for FRS)" part of the article (https://support.microsoft.com/en-us/help/2218556/how-to-force-an-authoritative-and-non-authoritative-synchronization-fo) to fix it. [Understood you have kept a copy of sysvol elsewhere...].

IF NOT,   Refer below tasks:-

1) Are you able to edit the default domain policy? . If so, unlink the

2) Verify the gpt.ini of the affected GPO has the below permissions?
 
--> Authenticated Users --> Read & execute, Read
--> SYSTEM -- > Full Control
--> Domain Admins, Enterprise Admins,  --> Full Control
--> Enterprise Domain Controllers --> Read & Execute
--> Administrators --> Full Control

2) Check if the file size is  0kb? ( C:\Windows\System32\GroupPolicy\Machine\registry.pol). If so, rename the "registry.pol" file, perform gpupdate /force and reboot the server and check.

NB:- There are chances for the default domain policy to corrupt, in that case we have to either perform an non-authoritative restore of sysvol as per above article OR re-import the default domain policy. Have to look precisely what exactly the issue is....

Thanks,
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
arnoldCommented:
Since you only have one DC, checking whether the GPO has an error, or the GPO does not apply, I.e. A computer GPO at the top of the domain, has an empty user section that is not disabled for the user.
The warning occurs at the GPO refresh interval, once every 30 minutes?
Use gpmc, to see whether there is a user or computer setting, if it shoukd not apply to either, disable the option.....

The configuration of the GPO, if using wmi filters.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.