Announcement

Collapse
No announcement yet.

Group policy weirdness going on between xp/7 client and 2003 DCs.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Group policy weirdness going on between xp/7 client and 2003 DCs.

    Hi
    I have a bit of a dilemma with a problem we are having.
    We have 2 domain controllers running Windows Server 2003. Majority of our clients are XP but we are also running Windows 7 on a few machines.

    I created a group policy on a domain controller and then went to my Windows 7 client and ran a gpupdate but it returned with errors.
    The processing of Group Policy failed. Windows attempted to read the file \\c****d.x***p.com\sysvol\c****d.x***p.com\Policie s\{4A472870-D26E-4DB8-A679-969E071645D3}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
    a) Name Resolution/Network Connectivity to the current domain controller.
    b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
    c) The Distributed File System (DFS) client has been disabled.

    I had a look at the ways its was suggesting and found that the group policy had replicated to the other DC and confirmed replication was working properly. I also checked whether DFS service was running on the client and both DCs and this was running or wasn't installed (assumed this was normal) and I also checked connectivity between my client and DCs and everything seems normal.

    I checked the sysvol location as stated in event viewer and noticed that with the FQDN if I go to sysvol\policies. the folder is completely empty, if I type just the domain name I can see all the policies as well as the scripts folder.
    The windows 7 machine is on a different 192 network whereas the test XP machine is on a 151 network. When I check the sysvol location on the XP machine I am able to browse the FQDN but when I browse just the domain name its empty???

    Does anyone know what the hell is going on?? I am so confused why its vice versa and why it isn't consistent.

    Any help would be greatly appreciated...

    Thanks

  • #2
    Re: Group policy weirdness going on between xp/7 client and 2003 DCs.

    I have done the meta data cleanup and things are certainly better now. I have also cleaned out redundant servers from AD sites and services.

    My understanding is the previous administrator didnt do a graceful demotion of the DCs and just turned them off!

    I have run dcdiag again and there are still a few errors and was wondering if someone would be able to assist with these errors.

    When running replication using AD sites and services, NTDS and when performing replication between both of our DCs that is working fine and it returns a message 'active directory has replicated the connections'.

    but when looking at the sysvol/netlogon shares of both DCs there is clearly a problem. On DC2 if i go to \\dc2\sysvol\FQDN\ it is completely empty. If I do the same on DC1 it has all the GPO policies as well as any scripts on the Netlogon share.

    Is it a simple case of copying the files from DC1 to DC2 and will replication begin working or will this not work?
    Any advice that can be given on the error messages on DCDiag will be greatly appreciated.

    Thanks


    Microsoft Windows [Version 5.2.3790]
    (C) Copyright 1985-2003 Microsoft Corp.

    C:\Documents and Settings\administrator.COFIELD>dcdiag

    Domain Controller Diagnosis

    Starting test: NetLogons
    Unable to connect to the NETLOGON share! (\\EIUKBRIDCS0002\netlogon)
    [EIUKBRIDCS0002] An net use or LsaPolicy operation failed with error 12
    03, Win32 Error 1203.
    ......................... EIUKBRIDCS0002 failed test NetLogons

    Starting test: frsevent
    There are warning or error events within the last 24 hours after the
    SYSVOL has been shared. Failing SYSVOL replication problems may cause
    Group Policy problems.
    ......................... EIUKBRIDCS0002 failed test frsevent

    Starting test: systemlog
    An Error Event occured. EventID: 0x00000457
    Time Generated: 07/22/2011 15:22:39
    (Event String could not be retrieved)
    An Error Event occured. EventID: 0x00000457
    Time Generated: 07/22/2011 15:22:39
    (Event String could not be retrieved)
    An Error Event occured. EventID: 0x00000457
    Time Generated: 07/22/2011 15:22:39
    (Event String could not be retrieved)
    An Error Event occured. EventID: 0x00000457
    Time Generated: 07/22/2011 15:22:39
    (Event String could not be retrieved)
    An Error Event occured. EventID: 0x00000457
    Time Generated: 07/22/2011 15:22:40
    (Event String could not be retrieved)
    An Error Event occured. EventID: 0x00000457
    Time Generated: 07/22/2011 15:22:41
    (Event String could not be retrieved)
    ......................... EIUKBRIDCS0002 failed test systemlog

    Comment

    Working...
    X