Event ID 1053 - Group Policy

Recently encountered this error, following some FRS issues with SYSVOL and our NETLOGON folders (event id 13508, if anyone's interested). These replication issues have been resolved, but there is an issue with clients applying group policies. The computer side
of the policy applies every time, no problem. The issue is to do with user policies.
If a user logs on to a machine they were using prior to our replication issues, they receive all the relevant policies and the machine is locked down, as expected. If they log on to a machine they've never logged on to before, they don't receive any user group
policy settings and the event viewer lists error 1053 (with the machine being wide open to their assault).
Event 1053: The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
Running a gpupdate /force doesn't apply these policies, only presenting this error...
The processing of group policy. Windows could not resolve the user name.
This could be caused by one of the following:
a) Name Resolution failure on the current domain controller - We're quite confident this isn't the problem.
b) Active Directory Replication Latency (An account created on another domain controller has no replicated to the current domain controller) - Checked this, all accounts have been replicated.
Upon producing a GPreport I receive this error:
Group Policy Infrastructure failed due to the error listed below.
The specified account does not exist.
Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available.
Additional information may have been logged. Review the Policy Events tab in the console or the application event log for events between 13/11/2014 14:06:30 and 13/11/2014 14:06:32.
System
Provider
[ Name]
Microsoft-Windows-GroupPolicy
[ Guid]
{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID
1053
Version
0
Level
2
Task
0
Opcode
1
Keywords
0x8000000000000000
TimeCreated
[ SystemTime]
2014-11-14T08:18:32.372783400Z
EventRecordID
59591
Correlation
[ ActivityID]
{C3B036F5-272A-42A7-8AB1-2C2C2DCA0448}
Execution
[ ProcessID]
1100
[ ThreadID]
3000
Channel
System
Computer
XX-XXXX-XX.XXXXXXX.local
Security
[ UserID]
S-1-5-21-4153847986-3925515210-898707684-6794
EventData
SupportInfo1
1
SupportInfo2
1632
ProcessingMode
1
ProcessingTimeInMilliseconds
1544
ErrorCode
1317
ErrorDescription
The specified account does not exist.
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}"
/>
<EventID>1053</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>1</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated
SystemTime="2014-11-14T08:18:32.372783400Z" />
<EventRecordID>59591</EventRecordID>
<Correlation
ActivityID="{C3B036F5-272A-42A7-8AB1-2C2C2DCA0448}" />
<Execution ProcessID="1100" ThreadID="3000" />
<Channel>System</Channel>
<Computer>XX-XXXX-XX.XXXXXXX.local</Computer>
<Security UserID="S-1-5-21-4153847986-3925515210-898707684-6794" />
</System>
<EventData>
<Data Name="SupportInfo1">1</Data>
<Data Name="SupportInfo2">1632</Data>
<Data Name="ProcessingMode">1</Data>
<Data Name="ProcessingTimeInMilliseconds">1544</Data>
<Data Name="ErrorCode">1317</Data>
<Data Name="ErrorDescription">The specified account does not exist.</Data>
</EventData>
</Event>
Any help would be much appreciated.
Thanks,
J.

Hi J,
Looks like this could be an access/permissons issue. Could you just confirm a couple of things though:
Use nslookup to
confirm you can resolve addresses of the domain controllers
Use ipconfig /all on a user PC to make sure you are hitting the correct DNS servers
Assuming this is all okay (which I'm sure it is), take a look at
this thread with a similar issue. In the end it was determined that several necessary ports were not open on the DC, which resulted in errors with group policy.
Have a read of that and let us know how you get on. Sorry I can't be of more help at the moment, it feels like this might be a "trial and error" problem!
Regards,
James Henderson
MTA: Windows Server Admin Essentials
MTA: Networking Fundamentals

Similar Messages

Slow logins to domain, several event ID errors (group policy, netlogon, NTP errors)

We have a laptop user who was experiencing slow logons in a remote office.   (Remote office has 100 users, only 1 is reporting the issue). Helpdesk swapped computers to give the user brand new hardware.   The new laptop worked
fine while in the IT department in the main office, the user returned to their desk in their remote office after replacing the laptop and logged in and experienced the same slow logon issues as the older laptop.
Logons take up to 45 mins to process. (Login script hangs and does not process). During the process, you can check IPConfig and it received the proper DNS settings. you can ping the authenticating server by name. We have scanning
on our local copiers setup to scan to the users desktop, and this errors out. DNS on the AD controller shows the proper IP address for the machine and you can ping the machine by name.
System Event log is loaded with errors:
Event ID 5719 - Netlogon, computer not able to setup a secure session with a domain controller in the domain
Event ID 1129 - Group Policy, processing of Group Policy failed because of lack of network connectivity
Event ID 129 - Time Service, NTP Client was unable to set a domain peer to use as a time source
Event ID 5783 - NetLogon, The session setup to the WIndows NT or 2000 domain controller (xxx) for the domain is not responsive. RPC call cancelled.   (NOTE - you can ping this domain controller by name and by IP with no issues)
Event ID 130 - Time-Service, NTP client unable to set a domain peer
All these seem to point to RPC errors timing out because they cannot communicate to the network resources. The problem happens on wired or wireless connections. We had the user move to a different network connection (one we know is working for
another user) the problem persists.   The problem was on the original computer and continues to happen even after replacing the hardware with a brand new laptop.
I have tried running the following hotfix. Which does not resolve the issue:
http://support2.microsoft.com/kb/2459530 which technically this shouldn't be an issue because we use DHCP off the 2003 AD domain controller.
I have checked the domain controller, AD Replication is processing with no issues. DNS is working. The local DHCP server has no issues or events related to this account and neither does the local DNS server or the authenticating server (which
is in another remote office).

Hi,
As we know, most of the time error event 5719 is caused by network connectivity issues or name resolution issue, I suggest you refer to this link to make a further analysis
http://blogs.technet.com/b/instan/archive/2008/09/18/netlogon-5719-and-the-disappearing-domain.aspx
And this link:
Root Causes for Slow Boots and Logons
http://social.technet.microsoft.com/wiki/contents/articles/10130.root-causes-for-slow-boots-and-logons-sbsl.aspx
Yolanda Zhu
TechNet Community Support

Event ID 1058 Group Policy Preprocessing Error Code 3

You will see this in the event logs, the processing of group policy failed. It is trying to process a policy that doesn't exist. After reading http://technet.microsoft.c the
first resolution Error code 3 (The system cannot find the path specified) lead me to this --> http://support.microsoft.c
4. In the right details pane, double-click DisableDFS.
This entry doesn't exist but if I add it, it works. Problem is solved on machine 1.
Machine 2. This is a brand new Windows 7 setup to investigate this problem because it appears on a lot of the workstations and I have no idea why. Applying this fix did NOT solve the problem. I am a bit stuck. I have new GPs to roll out but they
won't apply with this error in place.
I can ping the logon server just fine and I can get to \\FQDN\sysvol as well. gpupdate /force shows the same error in the event log.

Hi,
Have you tried all steps in the link:
http://support.microsoft.com/kb/314494?
Verify you can read gpt.ini using the full network path, full network path to the gpt.ini as \\<dcName>\SYSVOL\<domain>\Policies\<guid>\gpt.ini where <dcName> is the name of the domain controller,
<domain> is the name of the domain, and <guid> is the GUID of the policy folder.
Please post the full event message for further analysis. In addition, we need to know that what policy did you set that could not be applied.
Regards,
Yan Li
Regards, Yan Li

Group Policy processing failure on 2008 when MIX Domain 2003 with DC 2008

Dear I try to add additional Windows 2008 Domain to My Domain controller 2003 and I ma Receiving Group policy error in DC 2008 With Event ID 1055
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" />
<EventID>1055</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>1</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2014-03-06T14:36:44.411955300Z" />
<EventRecordID>3859</EventRecordID>
<Correlation ActivityID="{28DAD258-26D0-4C1E-A4B7-F37DEE04C8F1}" />
<Execution ProcessID="952" ThreadID="3276" />
<Channel>System</Channel>
<Computer>PRIMARYDC.Qtit.com</Computer>
<Security UserID="S-1-5-18" />
</System>
- <EventData>
<Data Name="SupportInfo1">1</Data>
<Data Name="SupportInfo2">1632</Data>
<Data Name="ProcessingMode">0</Data>
<Data Name="ProcessingTimeInMilliseconds">1578</Data>
<Data Name="ErrorCode">5</Data>
<Data Name="ErrorDescription">Access is denied.</Data>
</EventData>
</Event>
I install See KB939820 for a hotfix applicable to Microsoft DC 2003 regrading to he KRBTGT account
Refer Url : http://support.microsoft.com/kb/939820
I run dcdiag /v on and repadmin /showrepl at DC 2008
the dcdiag /v result
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine PRIMARYDC, is a Directory Server.
Home Server = PRIMARYDC
* Connecting to directory service on server PRIMARYDC.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Qtit,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Qtit,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=PRIMARYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\PRIMARYDC
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... PRIMARYDC passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\PRIMARYDC
Starting test: Advertising
The DC PRIMARYDC is advertising itself as a DC and having a DS.
The DC PRIMARYDC is advertising as an LDAP server
The DC PRIMARYDC is advertising as having a writeable directory
The DC PRIMARYDC is advertising as a Key Distribution Center
The DC PRIMARYDC is advertising as a time server
The DS PRIMARYDC is advertising as a GC.
......................... PRIMARYDC passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
A warning event occurred. EventID: 0x800034C8
Time Generated: 03/06/2014 10:18:56
Event String:
The File Replication Service has detected an enabled disk write cache on the drive containing the directory c:\windows\ntfrs\jet on the computer PRIMARYDC. The File Replication Service might not recover when power to
the drive is interrupted and critical updates are lost.
A warning event occurred. EventID: 0x800034C8
Time Generated: 03/06/2014 10:53:21
Event String:
The File Replication Service has detected an enabled disk write cache on the drive containing the directory c:\windows\ntfrs\jet on the computer PRIMARYDC. The File Replication Service might not recover when power to
the drive is interrupted and critical updates are lost.
......................... PRIMARYDC passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
Skip the test because the server is running FRS.
......................... PRIMARYDC passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... PRIMARYDC passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... PRIMARYDC passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Role Domain Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Role PDC Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Role Rid Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
......................... PRIMARYDC passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC PRIMARYDC on DC PRIMARYDC.
* SPN found :LDAP/PRIMARYDC.Qtit.com/Qtit.com
* SPN found :LDAP/PRIMARYDC.Qtit.com
* SPN found :LDAP/PRIMARYDC
* SPN found :LDAP/PRIMARYDC.Qtit.com/QTIT
* SPN found :LDAP/e3d8c76c-1b59-4de6-9f7f-c438df9a2863._msdcs.Qtit.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/e3d8c76c-1b59-4de6-9f7f-c438df9a2863/Qtit.com
* SPN found :HOST/PRIMARYDC.Qtit.com/Qtit.com
* SPN found :HOST/PRIMARYDC.Qtit.com
* SPN found :HOST/PRIMARYDC
* SPN found :HOST/PRIMARYDC.Qtit.com/QTIT
* SPN found :GC/PRIMARYDC.Qtit.com/Qtit.com
......................... PRIMARYDC passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC PRIMARYDC.
The forest is not ready for RODC. Will skip checking ERODC ACEs.
* Security Permissions Check for
DC=ForestDnsZones,DC=Qtit,DC=com
(NDNC,Version 3)
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=Qtit,DC=com
* Security Permissions Check for
DC=DomainDnsZones,DC=Qtit,DC=com
(NDNC,Version 3)
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=Qtit,DC=com
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=Qtit,DC=com
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=Qtit,DC=com
(Configuration,Version 3)
* Security Permissions Check for
DC=Qtit,DC=com
(Domain,Version 3)
......................... PRIMARYDC failed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\PRIMARYDC\netlogon
Verified share \\PRIMARYDC\sysvol
......................... PRIMARYDC passed test NetLogons
Starting test: ObjectsReplicated
PRIMARYDC is in domain DC=Qtit,DC=com
Checking for CN=PRIMARYDC,OU=Domain Controllers,DC=Qtit,DC=com in domain DC=Qtit,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=PRIMARYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com in domain CN=Configuration,DC=Qtit,DC=com on 1 servers
Object is up-to-date on all servers.
......................... PRIMARYDC passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=Qtit,DC=com
Latency information for 18 entries in the vector were ignored.
18 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=Qtit,DC=com
Latency information for 18 entries in the vector were ignored.
18 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=Qtit,DC=com
Latency information for 20 entries in the vector were ignored.
20 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=Qtit,DC=com
Latency information for 20 entries in the vector were ignored.
20 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=Qtit,DC=com
Latency information for 20 entries in the vector were ignored.
20 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... PRIMARYDC passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 14607 to 1073741823
* SecondAD.Qtit.com is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 14107 to 14606
* rIDPreviousAllocationPool is 14107 to 14606
* rIDNextRID: 14124
......................... PRIMARYDC passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... PRIMARYDC passed test Services
Starting test: SystemLog
* The System Event log test
A warning event occurred. EventID: 0x0000A001
Time Generated: 03/06/2014 16:04:05
Event String:
The Security System could not establish a secured connection with the server ldap/PRIMARYDC.Qtit.com/[email protected]. No authentication protocol was available.
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:06:35
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:11:36
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:16:38
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:21:39
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:26:41
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:30:46
Event String:
Driver TOSHIBA e-STUDIO16/20/25 PCL 6 required for printer TOSHIBA e-STUDIO16/20/25 PCL 6 is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:30:48
Event String:
Driver Microsoft XPS Document Writer v4 required for printer Microsoft XPS Document Writer is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:30:49
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:31:14
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:31:16
Event String:
Driver Microsoft XPS Document Writer v4 required for printer Microsoft XPS Document Writer is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:31:16
Event String:
Driver WebEx Document Loader required for printer WebEx Document Loader is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:31:42
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
......................... PRIMARYDC failed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=PRIMARYDC,OU=Domain Controllers,DC=Qtit,DC=com and backlink on
CN=PRIMARYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
are correct.
The system object reference (serverReferenceBL)
CN=PRIMARYDC,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=Qtit,DC=com
and backlink on
CN=NTDS Settings,CN=PRIMARYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
are correct.
The system object reference (frsComputerReferenceBL)
CN=PRIMARYDC,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=Qtit,DC=com
and backlink on CN=PRIMARYDC,OU=Domain Controllers,DC=Qtit,DC=com are
correct.
......................... PRIMARYDC passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : Qtit
Starting test: CheckSDRefDom
......................... Qtit passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Qtit passed test CrossRefValidation
Running enterprise tests on : Qtit.com
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\PRIMARYDC.Qtit.com
Locator Flags: 0xe00031fc
PDC Name: \\SecondAD.Qtit.com
Locator Flags: 0xe00001bd
Time Server Name: \\PRIMARYDC.Qtit.com
Locator Flags: 0xe00031fc
Preferred Time Server Name: \\PRIMARYDC.Qtit.com
Locator Flags: 0xe00031fc
KDC Name: \\PRIMARYDC.Qtit.com
Locator Flags: 0xe00031fc
......................... Qtit.com passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... Qtit.com passed test Intersite
repadmin /showrepl Result
******************************8
==== INBOUND NEIGHBORS ===================================
DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 16:41:04 was successful.
CN=Configuration,DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 16:41:39 was successful.
CN=Schema,CN=Configuration,DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 15:53:01 was successful.
DC=DomainDnsZones,DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 16:27:31 was successful.
DC=ForestDnsZones,DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 15:53:01 was successful.
I try to down the DC 2003 and access \\Qtit.com it success open the syslog on DC 2008
Any help or advice

Hi,
Were there other error codes logged in Event Viewer?
Regarding Event ID 1055, the following article can be referred to for troubleshooting.
Event ID 1055 — Group Policy Preprocessing (Security)
http://technet.microsoft.com/en-us/library/cc727272(v=ws.10).aspx
Based on the report you posted, this issue may be related to FRS replication service. As a result, we can use ntfrsutl tool to check whether the replication service is healthy.
Regarding this point, the following articles can be referred to for more information.
Troubleshooting File Replication Service
http://technet.microsoft.com/en-us/library/bb727056.aspx
Ntfrsutl
http://technet.microsoft.com/en-us/library/hh875636.aspx
In addition, we can also try doing a non-authoritative Sysvol restore on Windows Server 2008 DC to see whether the issue persists.
Using the BurFlags registry key to reinitialize File Replication Service replica sets
http://support.microsoft.com/kb/290762/en-us
Hope it helps.
Best regards,
Frank Shen

To get some errors about group policy due to disabled an account

Hello
I have an active directory on windows 2012 datacenter. there is a domain on it. it works well.
Also there is a another AD on another location. there is another domain on it. also it works too.
there is a trust relationship between 2 domains.
I disabled an account on first AD server 4 days ago. and then my colleague who manages second AD, notified that started to recieve some errors from eventviewer and have an issue about their group policy.
the issue event as below;
The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller
(LDAP Bind function call failed). Look in the details tab for error code and description.
Event ID 1006
Event Source Group Policy
I think the concerning account was built on the second AD for a service. But we don't know how we can find the account on the second AD server in order to change it.
How can I fix the issue?
Thanks

Hi Yavuz,
>>But we don't know how we can find the account on the second AD server in order to change it.
What account did we disable? We can check the error code (displayed as a decimal) and error description fields of Event ID 1006 to see if more information can be found.
Regarding Event ID 1006, the following article can be referred to for more information.
Event ID 1006 — Group Policy Preprocessing (Active Directory)
https://technet.microsoft.com/en-us/library/cc727283(v=ws.10).aspx
Best regards,
Frank Shen
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

Cases in which Domain Group Policy settings would be reverted to default settings on a Win7 client

Hi - I'm sure this info is out there somewhere, but I'm having a hard time finding it. Basically, I'm trying to identify the cases in which settings deployed via Domain Group Policy on 2008R2/Win7SP1 would get reverted back to "default settings"
on a Win7SP1 client that is still a member of the domain, and is in a proper OU, properly targeted, WMI filters should still evaluate true, etc...
For instance, it appears that if machine-level registry settings contained within a LocalGPO file on a client get corrupted (C:\Windows\System32\GroupPolicy\Machine\registry.pol), all of those settings, plus all machine level administrative template settings
defined in Domain Group Policy, get reverted to default settings (corresponds with Event ID 1096 in System Event Log where it references "LocalGPO"). I have not confirmed if this is the case for machine level settings defined outside of administrative
templates in Domain Group Policy, or for any user level settings though. (But I suspect not.)
When a workstation is unable to talk to a Domain Controller in order to identify applicable Domain Group Policy settings (for instance, this issue:
http://support.microsoft.com/kb/2421599/en-us), do administrative templates Domain Group Policy settings revert to defaults up until the next successful processing interval? I don't believe
so, but would like confirmation.
Are there any other cases in which Domain Group Policy settings for a client still joined to the Domain would be reverted to defaults?
And when a client is unjoined from the Domain, what Domain Group Policy settings would remain on the client? I understand that some Domain Group Policy settings outside of administrative templates are "tattooed" to the registry. Does
anyone know of a full list of these settings? I believe that most or all of the ones in Windows Settings\Security Settings are tattooed, and the only way to get these settings removed is to explicitly change them via registry edit or LocalGPO/Local Security
Policy, after unjoining the domain.
Any info/insight/links to other doc/etc would be much appreciated!

Hi Shaun,
>>If a client cannot talk to a domain controller at all, admin template settings still stay in-place on the client, correct?
As far as I know, it's not this case. If a client can't communicate with domain controllers, it means that the GPOs applied to the client are out of scope. As suggested by
the article I provided, for native policy, "when a Group Policy object (GPO) goes out of scope, the policy setting is removed allowing the original configuration value to be used."
>>What if a client looses network connectivity while reading Domain GPO?
Group policy will be get updated when computers start up and users log on. Besides, for workstations, group policy will get refreshed at background with by default an interval
of 90 minutes. As long as workstations can restore network connectivity, the group policy settings will get updated.
>>Are there any other failure cases like this where some or all Group Policy settings (admin template or other areas) would get reverted?
There are many reasons which can cause GP malfunction. However, Windows itself provides necessary tools for troubleshooting various issues. When GP malfunctions, we can check
Event Viewer, collect group policy result, or generate group policy log to troubleshoot.
TechNet Subscriber Support
If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
Best regards,
Frank Shen

Group Policy Printer Error (0x80070005 Access Denied)

I am trying the deploy two network printers via group policy using Server 2008 R2 SP1. I created the GPO and added the printers from our print server under computer configuration so that it will apply to the computers, not just the users. After a computer in
the correct OU Gpupdates I recieve the following error in it's application event log:
WARNING: GROUP POLICY PRINTERS
Group Policy object did not apply because it failed with error code 0x80070005 Access is Denied. This error was suppresed.
Any suggestions or thoughts are appreciated. I have been dealing with this error and trying the figure it out for awhile now.

Hi,
This issue mostly can be caused due to the incorrect permission settings.
Please try to perform the troubleshooting steps the following Microsoft TechNet blog provides.
Group Policies and Access Denied
http://blogs.technet.com/b/matthewms/archive/2005/10/29/413275.aspx
Regards,
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Event 4098 Group Policy Printers, Printers intermittently don't deploy

Hi,
On a similar vein to this topic We also deploy printers Via the Server 2008 group policy preferences. All our PC's are Vista Business 32bit SP1. The problem we are having is that intermittently the printer will not install at logon. If you logoff and back on again it is there. On one particular PC I found this event in the Applications log.
Log Name:      Application
Source:        Group Policy Printers
Date:          13/01/2009 4:07:48 PM
Event ID:      4098
Task Category: (2)
Level:         Warning
Keywords:      Classic
User:          SYSTEM
Computer:      E-HSS.cygnet.library.uwa.edu.au
Description:
The user 'HSSClient1' preference item in the 'Client Vista Domain Policy SP1 {A85CA6F0-874B-467F-B50A-939E64932884}' Group Policy object did not apply because it failed with error code '0x80070709 The printer name is invalid.' This error was suppressed.
Event Xml:
<System>
    <Provider Name="Group Policy Printers" />
    <EventID Qualifiers="34305">4098</EventID>
    <Level>3</Level>
    <Task>2</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2009-01-13T07:07:48.000Z" />
    <EventRecordID>37184</EventRecordID>
    <Channel>Application</Channel>
    <Computer>E-HSS.cygnet.library.uwa.edu.au</Computer>
    <Security UserID="S-1-5-18" />
Now if this error happened every time we would change the name of the printer to be something more "Valid" but it doesn't and we can logon again and the printer installs fine. Can someone explain to me why it thinks HSSClient1 is invalid intermittently?
From this thread I investigated the print processor of one of our printer queues and found is was not set to 'WinPrint' So on HSSClient1 I set the print processor to 'WinPrint'. Do all printers managed/deployed by Group Policy preferences need to have their processor set to WinPrint?
Regards
Jason Langoulant
UWA Library I.T.

Hi,
Regarding print processors , third party print processors are supported but not recommended. Print processors are user-mode dynamic-link libraries that are responsible for converting the spooled data of a print job to a format that can be sent to a print monitor. Print processors are also responsible for handling program requests to pause, to resume, and to cancel print jobs. But Print processors would be started during system startup. It’s not related to this GPO issue.
This issue may occur if you create the Printer as TCP/IP printer. Please try to delete the original printer and try to create a new shared Printer in Group Policy Preferences.
However, if it’s the original printer is not TCP/IP printer, please also try to recreate it and help to run the MPS report (PFE version) on the clients to collect reports. The MPS Reporting Tool is utilized to gather detailed information regarding a systems current configuration. The data collected will assist you with fault isolation.
A . Please download MPS Reporting Tool (MPSRPT_PFE.EXE) from the following link:
(http://www.microsoft.com/downloads/details.aspx?FamilyID=00ad0eac-720f-4441-9ef6-ea9f657b5c2f&DisplayLang=en)
Please note: The link may be truncated when you read the E-mail. Be sure to include all text between '(' and ')' when navigating to the download location.
B . Right click MPSRPT_PFE.EXE and select Run as Administrator to run this tool, and you will see a Command Window start up.
C . Please type Y with the message of <Include the MSINFO32 report? (defaults to Y in 15 seconds)[Y,N]?
D . When the tool is done you will see an Explorer Window opening up the %systemroot%\MPSReports\Setup\Reports\cab folder and containing a <Computername>MPSReports.cab file. After collecting, please use Windows Live SkyDrive (http://www.skydrive.live.com/) to upload the file and then give me the download address.
Thanks.

Group Policy servers WARNING Event ID:4098

Hi All,
On our Domain controller we get every 5minutes the following error:
Event ID: 4098
User: NT AUTHORITY\SYSTEM
Source: Group Policy Services
Description:
The computer 'Application Updater' preference item in the 'Default Domain Policy {31B2F340-016D-11D2-945F-00C04FB984F9}' Group Policy object did not apply because it failed with error code '0x80070424 The specified service does not exist as an installed
service.' This error was suppressed.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
I just can't figure out what gpo setting is causing the problem....??
Anybody an idea how to solve this?

Hi,
According to the event description: The computer "Application Updater" preference item in the default domain policy..., we should troubleshoot this issue follow the steps as below:
1. As the GPO is Default Domain Policy, so the policy should be applied to all DCs and client, if the issue only occur on one of you DC, please check all the services, and find out the differences between DC and client.
2. Open Default Domain Policy, expand Computer Configuration, Preferences, Services. If you have new a service, please delete it and then check the result.
3. If the issue still there after the above troubleshoot, I would like suggest you to do DCGPOFIX.EXE, this tool could let us set the Default Domain Controller to the default setting.
DCGPOFIX - to be used - only in the last resort
http://blogs.technet.com/b/janelewis/archive/2006/09/22/458132.aspx
Hope this helps.
Best Regards,
Yan Li
Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Event ID 1085 on DC - Failed to Apply the Group Policy Local Users and Groups Settings

I have a domain with 2 DCs. The primary DC is running Server 2012 and is raising Event ID 1085 every 10 minutes and 20 seconds.
Windows failed to apply the Group Policy Local Users and Groups settings. Group Policy Local Users and Groups settings might have its own log file. Please click on the "More information" link.
System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 1085
Version 0
Level 3
Task 0
Opcode 1
Keywords 0x8000000000000000
- TimeCreated
[ SystemTime] 2014-10-20T20:09:03.706992400Z
EventRecordID 130087
- Correlation
[ ActivityID] {FDDFB8C5-9ECF-41B9-B2B4-3AD0B345A37A}
- Execution
[ ProcessID] 1000
[ ThreadID] 3280
Channel System
Computer SERVER.DOMAIN.NAME
- Security
[ UserID] S-1-5-18
- EventData
SupportInfo1 1
SupportInfo2 4404
ProcessingMode 0
ProcessingTimeInMilliseconds 10343
ErrorCode 183
ErrorDescription Cannot create a file when that file already exists.
DCName \\SERVER.DOMAIN.name
ExtensionName Group Policy Local Users and Groups
ExtensionId {17D89FEC-5C44-4972-B12D-241CAEF74509}
Everything I look up for Event ID 1085 seems to be about a different cause.
Any ideas?

I enabled tracing on a domain gpo and I still get the error when running gpupdate /force .
I'm also still getting Event 1085. Here's the trace file. I've anonymized the site/domain and the GUIDs.
2014-10-21 11:16:54.003 [pid=0x3e8,tid=0xcd0] Entering ProcessGroupPolicyExLocUsAndGroups()
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] SOFTWARE\Policies\Microsoft\Windows\Group Policy\{GUID-1}
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] BackgroundPriorityLevel ( 0 )
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] DisableRSoP ( 0 )
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] LogLevel ( 2 )
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] Command subsystem initialized. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] Background priority set to 0 (Idle).
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ----- Parameters
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] CSE GUID : {GUID-1}
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] Flags : ( X ) GPO_INFO_FLAG_MACHINE - Apply machine policy rather than user policy
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( X ) GPO_INFO_FLAG_BACKGROUND - Background refresh of policy (ok to do slow stuff)
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_SLOWLINK - Policy is being applied across a slow link
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_VERBOSE - Verbose output to the eventlog
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_NOCHANGES - No changes were detected to the Group Policy Objects
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_LINKTRANSITION - A change in link speed was detected between previous policy application and current policy application
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_LOGRSOP_TRANSITION - A change in RSoP logging was detected between the application of the previous policy and the application of the current policy.
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( X ) GPO_INFO_FLAG_FORCED_REFRESH - Forced Refresh is being applied. redo policies.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_SAFEMODE_BOOT - windows safe mode boot flag
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_ASYNC_FOREGROUND - Asynchronous foreground refresh of policy
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Token (computer or user SID): S-1-5-18
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Abort Flag : Yes (0x313be090)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] HKey Root : Yes (0x80000002)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Deleted GPO List : No
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Changed GPO List : Yes
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Asynchronous Processing : Yes
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Status Callback : No (0x00000000)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] WMI namespace : Yes (0x32273740)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] RSoP Status : Yes (0x320cc7f4)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Planning Mode Site : (none)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Computer Target : No (0x00000000)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] User Target : No (0x00000000)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Calculated list relevance. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ----- Changed - 0
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Options : ( ) GPO_FLAG_DISABLE - This GPO is disabled.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPO_FLAG_FORCE - Do not override the settings in this GPO with settings in a subsequent GPO.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Options (raw) : 0x00000000
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Version : 19267878 (0x01260126)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPC : LDAP://CN=Machine,CN={GUID-2},CN=Policies,CN=System,DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPT : \\SITE.DOMAIN\sysvol\SITE.DOMAIN\Policies\{GUID-2}\Machine
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPO Display Name : Default Domain Policy
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPO Name : {GUID-2}
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPO Link : ( ) GPLinkUnknown - No link information is available.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPLinkMachine - The GPO is linked to a computer (local or remote).
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPLinkSite - The GPO is linked to a site.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( X ) GPLinkDomain - The GPO is linked to a domain.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPLinkOrganizationalUnit - The GPO is linked to an organizational unit.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GP Link Error
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] lParam : 0x00000000
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Prev GPO : No
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Next GPO : Yes
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Extensions : [{00000000-0000-0000-0000-000000000000}{GUID-3}][{GUID-1}{GUID-3}][{GUID-4}{GUID-5}{GUID-6}{GUID-7}{GUID-8}][{GUID-9}{GUID-10}][{GUID-11}{GUID-5}{GUID-6}]
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] lParam2 : 0x3146f978
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Link : LDAP://DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Purge GPH : C:\ProgramData\Microsoft\Group Policy\History\{GUID-2}\Machine\Preferences\Groups\Groups.xml
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Read GPE XML data file (592 bytes total).
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ----- Changed - 1
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Options : ( ) GPO_FLAG_DISABLE - This GPO is disabled.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPO_FLAG_FORCE - Do not override the settings in this GPO with settings in a subsequent GPO.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Options (raw) : 0x00000000
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Version : 1245203 (0x00130013)
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPC : LDAP://CN=Machine,CN={GUID-12},CN=Policies,CN=System,DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPT : \\SITE.DOMAIN\sysvol\SITE.DOMAIN\Policies\{GUID-12}\Machine
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPO Display Name : Default Domain Controllers Policy
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPO Name : {GUID-12}
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPO Link : ( ) GPLinkUnknown - No link information is available.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPLinkMachine - The GPO is linked to a computer (local or remote).
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPLinkSite - The GPO is linked to a site.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPLinkDomain - The GPO is linked to a domain.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( X ) GPLinkOrganizationalUnit - The GPO is linked to an organizational unit.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GP Link Error
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] lParam : 0x00000000
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Prev GPO : Yes
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Next GPO : No
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Extensions : [{00000000-0000-0000-0000-000000000000}{GUID-3}][{GUID-1}{GUID-3}][{GUID-9}{GUID-10}]
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] lParam2 : 0x324e8198
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Link : LDAP://OU=Domain Controllers,DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.127 [pid=0x3e8,tid=0xcd0] Purge GPH : C:\ProgramData\Microsoft\Group Policy\History\{GUID-12}\Machine\Preferences\Groups\Groups.xml
2014-10-21 11:16:54.127 [pid=0x3e8,tid=0xcd0] Read GPE XML data file (592 bytes total).
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] Completed get next GPO. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] WQL : SELECT * FROM RSOP_PolmkrSetting WHERE polmkrBaseCseGuid = "{GUID-1}"
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] Purged 2 old RSoP entries.
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] Logging 2 new RSoP entries.
2014-10-21 11:16:54.159 [pid=0x3e8,tid=0xcd0] RSoP Entry 0
2014-10-21 11:16:54.174 [pid=0x3e8,tid=0xcd0] RSoP Entry 1
2014-10-21 11:16:54.174 [pid=0x3e8,tid=0xcd0] Completed get GPO list. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.174 [pid=0x3e8,tid=0xcd0] IsRsopPlanningMode() [SUCCEEDED(S_FALSE)]
2014-10-21 11:17:04.252 [pid=0x3e8,tid=0xcd0] Completed settings update (csePostProcess). [ hr = 0x800700b7 "Cannot create a file when that file already exists." ]
2014-10-21 11:17:04.252 [pid=0x3e8,tid=0xcd0] Completed CSE post-processing. [ hr = 0x800700b7 "Cannot create a file when that file already exists." ]
2014-10-21 11:17:04.267 [pid=0x3e8,tid=0xcd0] Leaving ProcessGroupPolicyExLocUsAndGroups() returned 0x000000b7

Group Policy Preferences Shortcut issues ( event ID 1085 )

I am hoping someone will be able to help me with a problem that is causing our users a headache
We have a Windows 2008 SP2 terminal server farm ( 1 gateway, 2 Terminal servers TS1 and TS2 ), we also use Group Policy Preferences to deliver app shortcuts to different AD user groups.
TS1 and TS2 were built from the same image. On TS1 users logon and get all the icons they are entitled to, on TS2 it is random to whether they get their shortcuts or not.
Both TS are rebooted daily and I have scripted removing any local profiles incase it was something left behind.
Checking the event Logs on TS2 I see several errors that appear to relate to Group Policy and correspond to when users have connected in.
any help with this issue would be appreciated.
Here is the information from the System log:
Log Name: System
Source: Microsoft-Windows-GroupPolicy
Date: 05/12/2014 15:32:26
Event ID: 1085
Task Category: None
Level: Warning
Keywords:
User: Username
Computer: TerminalServer
Description:
Windows failed to apply the Group Policy Shortcuts settings. Group Policy Shortcuts settings might have its own log file. Please click on the "More information" link.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-GroupPolicy" Guid="{aea1b4fa-97d1-45f2-a64c-4d69fffd92c9}" />
<EventID>1085</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>1</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2014-12-05T15:32:26.450Z" />
<EventRecordID>478778</EventRecordID>
<Correlation ActivityID="{CCB45268-E6F8-4127-97C8-A8544829F2DE}" />
<Execution ProcessID="344" ThreadID="11212" />
<Channel>System</Channel>
<Computer>TerminalServer</Computer>
<Security UserID="S-1-5-21" />
</System>
<EventData>
<Data Name="SupportInfo1">1</Data>
<Data Name="SupportInfo2">3892</Data>
<Data Name="ProcessingMode">1</Data>
<Data Name="ProcessingTimeInMilliseconds">6047</Data>
<Data Name="ErrorCode">2147942413</Data>
<Data Name="ErrorDescription">The data is invalid. </Data>
<Data Name="DCName”>\\OurDomain</Data>
<Data Name="ExtensionName">Group Policy Shortcuts</Data>
<Data Name="ExtensionId">{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}</Data>
</EventData>
</Event>

> <Data Name="ErrorDescription">The data is invalid. </Data>
Delete the history XML.
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :))

Event ID 5002/5014 Group Policy DFSR problem

I have 4 domain controllers all are running on windows server 2012. RPC always disconnects/fails having error event Ids 5002 and 5014. AD objects are replicated across DCs but on Group policy DCs are either inaccessible or differ in GPO Version.
thanks for the help.

Good. Okay, then it's just the 5014's & 5002's.
Here's a wiki on 5002:
http://social.technet.microsoft.com/wiki/contents/articles/1207.dfsr-event-5002-dfs-replication.aspx
On the 5014, there should be a corresponding error number. Can you please respond with that and the specific error messaged (edited for privacy, of course.)?

Event 4098, Group Policy Local Users and Groups

Hello,
A few of our computers on the network are not replacing the local "Administrator (built-in)"account with our administrator account we set up through Group Policy. I recieve the follow error message from the Applicaiton Logs. I'm
not sure if this error is a PC issue instead of a Group Policy issue, because Group Policy seems to be working fine on our other PCs. Any suggestions/ideas would be helpful. Thank you.
Error message: The computer "Administrators (built-in) preference item in the "Security Policies {CD8199AF-99A8-41F8-8D28-C92DD9C57A51}" Group Policy object did not apply because it failed with error code '0x80070526 The specified group policy
already exists.' This error was suppressed.

Hi,
It seems that you have configured this security policy already, you can try run GPupdate /force command and then check if all security policies are applied in your computer:
Resultant Set of Policy
http://technet.microsoft.com/en-us/library/cc772175.aspx
you can use this command to retrieve the specific group policy:
http://technet.microsoft.com/en-us/library/ee461059.aspx
If you have any feedback on our support, please click
here
Alex Zhao
TechNet Community Support

Event ID 1053 source GroupPolicy error code 1722

Hi, I have one DC in my domain. It comes some errors every day
The event ID is 1053. source: GroupPolicy
The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
And I see the details
SupportInfo1
1
SupportInfo2
1575
ProcessingMode
0
ProcessingTimeInMilliseconds
1607
ErrorCode
1722
ErrorDescription
The RPC server is unavailable.
The system of my DC is Windows server 2008 SP1.
How can I solve this problem?
Thanks.

Hi,
>>have one DC in my domain. It comes some errors every day
The event ID is 1053. source: GroupPolicy
On the troubled domain controller, can you ping both IP addresses and DNS names of other DCs? Can you run
gpupdate/force to refresh policy settings on the DC? If not, we can try to temporarily disable firewall on the DC to see if the issue persists.
Regarding how to troubleshoot RPC error code 1722, the following article can be referred to as reference.
Windows Server Troubleshooting: "The RPC server is unavailable"
http://social.technet.microsoft.com/wiki/contents/articles/4494.windows-server-troubleshooting-the-rpc-server-is-unavailable.aspx
Best regards,
Frank Shen

The Group Policy Client service failed the sign-in The universal unique identifier (UUID) type is not supported

Hi guys,
we created a custom WIM Image (Windows 8 Enterprise) with MDT 2012.
Sysprept the Image, Deployed via SCCM 2012 SP1.
Computers are Domainjoined. Error with standard Domain User.
On some computers (not every computer) and not with every user on the first logon following error message arises:
The Group Policy Client service failed the sign-in The universal unique identifier (UUID) type is not supported
It works, when you log in a second time but this error isn't very nice.
Is there a solution for that?
Kind Regards
Martin

Hi,
The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. This issue can be caused by various reasons based on the computer environment.
Can you find any information in event log about this issue?
Here is the related blog in which the steps can solve most of such issues if the issue continuously happen.
http://blogs.msdn.com/b/moiqubal/archive/2012/03/04/how-to-fix-quot-the-group-policy-client-service-failed-the-logon-access-denied-quot-error.aspx
Also, you can refer to the similar thread about this issue:
http://social.technet.microsoft.com/Forums/en-US/4a644219-50ee-494d-b965-e64a8555109e/the-group-policy-client-service-failed-the-signin-the-universal-unique-identifier-uuid-type-is
Since this issue can be related to SCCM, to better help you, please submit a new thread for further help:
https://social.technet.microsoft.com/Forums/en-US/home?category=systemcenter2012configurationmanager
Hope these could be helpful.
Kate Li
TechNet Community Support

Event ID 1053 - Group Policy

Similar Messages

Maybe you are looking for