GPP Scheduled Task Fails in Group Policy Modeling depending on DC

Similar Messages

• Windows 2008 Server SFTP Scheduled Tasks fails to execute sftp commands

  I have a scheduled task that pulls in Human Resources data using sftp public / private key combination.  It was associated with user who has recently left the company and their account has been disabled. Everything I've read
  so far leads me to believe that I need to establish the sftp connection and create a registry entry for another user...   I don't want this application to be dependent on any particular user.   I've stored the key set on a share that is
  open to any system administrator on the server and created a batch job similar to:
  Del oldFile.txt
  "psftp.exe <user>@<server> -i <PrivateKeyLocation> -b <FtpComands>". 
  The old file gets deleted fine via scheduled task or manual, but the new file only gets pulled when running it directly from my account. 
  Any suggestions would be greatly appreciated.

  The list of ftp commands that you are passing in to psftp.exe may need user specific resources (for example, a mapped drive). But it's difficult to say though without looking at what the psftp commands do. If the available commands for psftp.exe
  are not flexible enough, you might want to look at other solutions like Sysax FTP Automation.

• Window Defender scheduled task failed

  The Windows Defender scheduled task is terminated each time and the error code is Ox41306. Anyone know what needs to be done to resolve issue.

  Hi,
  0x00041306
  The last run of the task was terminated by the user.
  Did you create the task schedulder via GUI or you create and run the scheduler via some script? Please make sure that you have right permission to run the task or script. chekc the security option, check the user acocunt to run the task.
  Or check this option, under "power" tab, task might be terminated when power environment has changed
  Yolanda Zhu
  TechNet Community Support

• "Group Policy Registry" (CSE) is failing with EventID 7016

  Hi,
  I'm stuck at troubleshooting the group policy processing on a W2k8 R2 Terminal Server. On this machine the CSE Group Policy Registry Component is failing with ErrorCode 11. (I'm sorry but the editor does not allow me to insert xml yet)
  I was not able to find any source in technet or msdn regarding Group Policy Registry ErrorCode 11 nor able to get any further debugging operable, that gives me more hands-on-details on this problem. Furthermore I was not able to determine the GPO causing
  the CSE failing, neither with RSOP nor Eventlogs.... With the group policy modeling wizard i just get "GP Registry failed" listed in Component State Overview with the subtle message "An attempt was made to load a file with an incorrect format."
  How can i get to the bottom of this?

  Hi,
  As far as I know, Event ID 7016 can be caused by the fact that there is issue with the gpprefcl.dll build installed on the client machines.
  To fix the issue, we can try applying the following hotfix to update the build of gpprefcl.dll.
  Windows Vista, Windows Server 2008, Windows 7, or Windows Server 2008 R2 may stop responding at the Welcome screen after you enter the user credentials to log on to the computer
  http://support.microsoft.com/kb/2526870/en-us
  In addition, the following hotfix can also be worth taking a look.
  Some Group Policy preferences are not applied successfully on computers that are running Windows Vista, Windows Server 2008, Windows 7 or Windows Server 2008 R2
  http://support.microsoft.com/kb/979731/en-us
  Hope it helps.
  Best regards,
  Frank Shen

• Group Policy issue - Bandwidth detection failed

  Hi
  We have a major issue affecting multiple users (>100) where they are unable to login to the machine.It looks like core windows services do not start such as DHCPClient, EventLog, UserProfileService.
  Looking at the events on the pc I can see the following events:
  Event 6314
  Group policy bandwidth estimation failed. Group policy processing will continue. Assuming fast link.
  Event 6323
  Group Policy dependency (Network Location Awareness) did not start. As a result, network related features of Group Policy such as bandwidth estimation and response to network changes will not work.
  I can see the NLA service started but I am worried alot more machines will become unusable. A change was made to group policy regarding searching items in the start menu
  User Configuration\Administrative Templates\Start Menu and Taskbar
  Do not search files
  Enabled
  Do not search Internet
  Enabled
  Remove Games link from Start Menu
  Enabled
  Remove Help menu from Start Menu
  Enabled
  Remove Music icon from Start Menu
  Enabled
  Remove Network Connections from Start Menu
  Enabled
  Remove Network icon from Start Menu
  Enabled
  Remove Run menu from Start Menu
  Disabled
  Remove the networking icon
  Enabled
  Remove the volume control icon
  Disabled
  Remove user's folders from the Start Menu
  Enabled
  The clients are mostly Vista SP2 with some Windows 7. DCs are Server 2008.
  Any help in resolving this much appreciated.

  Hi,
  >>Group Policy dependency (Network Location Awareness) did not start. As a result, network related features of Group Policy such as bandwidth estimation and response to network changes will not work.
  Network Location Awareness service is a needed service for processing group policy settings since Windows Vista. It helps check the network location of the computers and helps detect slow link when processing group policy settings.
  Before going further, does this happen to all clients in our environment? Please check our network configuration and make sure that the clients are able to correctly communicate with DCs. Besides, we can try to reinstall network
  adapters to see if it helps. Moreover, please further check event logs to see if some other error events were logged.
  Here, we can also try to clean boot our clients to troubleshoot if this is caused by some third party services or applications.
  Regarding how to perform clean boot, the following article can be referred to for more information.
  How to perform a clean boot in Windows
  http://support.microsoft.com/kb/929135
  In addition, if everything goes clean, we can try to delay the application of Group Policy at startup by following the procedure described in the Resolution section in the article below to see if it helps.
  Windows 7 Clients intermittently fail to apply group policy at startup
  http://support.microsoft.com/kb/2421599
  Best regards,
  Frank Shen
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• OIM - Scheduled Tasks - Validade/Enable

  Hi All,
  I am quite new to OIM, two days working with it, and I have some questions that seem to be easy to answer but I could not find it here, neither on the internet (or I am not using the correct keywords).
  In our OIM environment we have some custom recon scheduled tasks, developed by oracle, and, as our internal processes with the targets are not working properly still, sometimes the scheduled tasks fail and when they fail they got disabled too. Most of the times they fail is because its input file, a CSV file coming from a target, is not there.
  Based on it, my questions are:
  1. I know there is a way to list all scheduled tasks and their status using the API, check this link: http://www.rameshgk.com/blog/2010/09/23/oim-scheduled-task-for-monitoring-other-scheduled-tasks/, but is there a way to do it by command line in Unix?
  2. Is there a way, when the schedulted tasks got disabled due to a failure, to enable it automatically, via API or any other method, without the need to go to web client?
  I was forgetting to comment one thing, unfortunately, I don't have access to the OIM database!
  Thanks for your attention!
  Regards.

  You can execute the scheduled task from the command line and use the following API:
  void updateScheduleTask(long scheduledTaskKey,
  java.util.Map attributes)
  throws Thor.API.Exceptions.tcAPIException,
  Thor.API.Exceptions.tcScheduledTaskNotFoundException,
  Thor.API.Exceptions.tcInvalidAttributeException,
  Thor.API.Exceptions.tcAttributeMissingException,
  tcAPIExceptionUpdates schedule task information based on the attribute that are passed to this method
  Parameters:
  scheduledTaskKey - the scheduled task key
  attributes - a map of updated attributes valid attributes
  •Task Scheduler.ClassName
  •Task Scheduler.Disable
  •Task Scheduler.Frequency Type
  •Task Scheduler.Interval
  •Task Scheduler.Key
  •Task Scheduler.Last Start Time
  •Task Scheduler.Last Stop Time
  •Task Scheduler.Max Retries
  •Task Scheduler.Name
  •Task Scheduler.Next Start Time
  •Task Scheduler.Retry Count
  •Task Scheduler.Start Time
  •Task Scheduler.Status
  You can provide the Frequency Type and Next Start Time and then it should be picked up. Just like when you are in the design console and you have it set to run once and you clear the entries in the time and set it to the current one.
  -Kevin
  Please don't forget to give points where earned on helpful posts.

• Certain scheduled tasks do not run anymore after DST change

  Hi everyone,
  I noticed a problem on Server 2012 after daylight savings time was set effective last weekend in March. All scheduled tasks that are configured to run weekly on Monday through Friday don't run anymore! Tasks that are configured to run daily are OK. Shall
  I really put a wrapper script around the executable to check the weekday myself??? Another solution to work around this bug seems to be to set the start day after DST change day, then the weekly Jobs also run OK again.
  Many Greetings
  Michael

  We have experienced the same issues.  Just to put some more information out there (and confirm some points from above):
  We run 12 scheduled tasks on 2 servers.
  Machines are "Microsoft Windows Server 2012 Standard", ver. 6.2.9200 build 9200, HP ProLiant BL460c Gen8
  4 scheduled tasks did fine over the DST switch in March
  8 scheduled tasks failed to run
  All scheduled tasks that ran were set up with
  “Configure For” = “Windows Server 2012”
  All scheduled tasks that failed were set up with
  “Configure For” = “Windows Vista™, Windows Server™
  2008”.
  All scheduled tasks, both affected and unaffected, were scheduled as Weekly, Mon-Fri.
  Changing the "Configure For" field after the tasks failed to run did NOT fix the problem.
  Changing the time of a task after the task failed to run did NOT fix the problem
  Changing the "Start" date of a task after it failed to run DID fix the problem.
  Given that there are not a whole ton more complaints out on the web about this bug, it must be that the bug does not affect every instance of the scheduler on Windows Server 2012.  In other words, it must be only some particular configuration
  of Windows Server 2012 that causes this bug, otherwise surely there would be many many more complaints.  Can people who are experiencing this bug check and post configuration info so perhaps we can determine a common factor?  Thanks.

• How can I setup a scheduled task to run a Powershell Script delivered as a Group Policy Preference

  I have a Powershell script I want to run only once when a user logs onto their system. This script would move all the PST files from the Local drive and the Home drive to a folder location within the users profile. I wanted to run this as a Windows 7 Scheduled Task using Group Policy Preferences. How can I get this to happen short of a logon script? I have updated all the machines to WMF 4.0 so could I use a Scheduled Job instead? I wanted to run the script as the logon user but elevated.#Start Outlook and Disconnect attached PST files.
  $Outlook = New-Object -ComObject Outlook.Application
  $namespace = $outlook.getnamespace("MAPI")
  $folder = $namespace.GetDefaultFolder("olFolderInbox")
  $explorer = $folder.GetExplorer()
  $explorer.Display()
  $myArray= @()
  $outlook.Session.Stores | where{ ($_.FilePath -like'*.PST') } | foreach{[array]$myArray+= $_.FilePath}
  for
  ($x=0;$x-le$myArray.length-1;$x++)
  $PSTPath= $myArray[$x]
  $PST= $namespace.Stores | ?{$_.FilePath -like$PSTPath}
  $PSTRoot= $PST.GetRootFolder() #Get Root Folder name of PST
  $PSTFolder= $Namespace.Folders.Item($PSTRoot.Name) #Bind to PST for disconnection
  $Namespace.GetType().InvokeMember('RemoveStore',[System.Reflection.BindingFlags]::InvokeMethod,$null,$Namespace,($PSTFolder)) #Disconnect .PST
  #Move All PST files to the default location while deleting the PST files from their original location.
  $SourceList = ("$env:SystemDrive", "$env:HOMEDRIVE")
  $Destination = ("$env:USERPROFILE\MyOutlookFiles")
  (Get-ChildItem -Path $SourceList -Recurse -Filter *.PST) | Move-Item -Destination $Destination
  #Attach all PST files from the default location.
  Add-type -assembly "Microsoft.Office.Interop.Outlook" | out-null
  $outlook = new-object -comobject outlook.application
  $namespace = $outlook.GetNameSpace("MAPI")
  dir “$env:USERPROFILE\MyOutlookFiles\*.pst” | % { $namespace.AddStore($_.FullName) }

  Mike,
  I do not understand what appears to be a regular expression above. I did add the PowerShell script to the HKCU RunOnce Key as suggested.
  Windows Registry Editor Version 5.00
  C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -sta -WindowStyle Hidden -ExecutionPolicy RemoteSigned -File "C:\scripts\Windows PowerShell\Move-PST.ps1"
   I'm delivering this using Group Policy Preferences. It seems to fail or time out when run because the behavior is different if I run the script from within the PowerShell IDE. I added the parameters to the script and will try it again in the morning.

• Group Policy - Computer preference - Schedule task creation

  Hello,
     We are getting error while applying schedule task creation GPO (from Windows 2012) to system windows 2008 R2.
  Group Policy object did not apply because it failed with error code '0x80041316 The task XML contains an unexpected node.' This error was suppressed.
  As recommended in many threads, we have made the settings to run the schedule task with user which is "NT Authority\System" (selected user manully from Damain -> Building group -> System).  After changing, we observe that task is getting
  created but we keep on getting warning messages in event viewer. In GPO ->  schedule task -> setting is to "update" schedule task (not create or replace).
  Below is excerpt from traces file while applying GP.
  -------2015-02-11 09:41:22.976 [pid=0x35c,tid=0x934] RunOnce value created [SUCCEEDED(S_FALSE)]
  2015-02-11 09:41:23.039 [pid=0x35c,tid=0x934] RunOnce value created [SUCCEEDED(S_FALSE)]
  2015-02-11 09:41:23.039 [pid=0x35c,tid=0x934] RunOnce value created [SUCCEEDED(S_FALSE)]
  2015-02-11 09:41:23.039 [pid=0x35c,tid=0x934] Read GPE XML data file (3146 bytes total).
  2015-02-11 09:41:23.039 [pid=0x35c,tid=0x934] RunOnce value created [SUCCEEDED(S_FALSE)]
  2015-02-11 09:41:23.070 [pid=0x35c,tid=0x934] RunOnce value created [SUCCEEDED(S_FALSE)]
  2015-02-11 09:41:23.085 [pid=0x35c,tid=0x934] Properties handled. [ hr = 0x80041316 "The task XML contains an unexpected node." ]
  2015-02-11 09:41:23.085 [pid=0x35c,tid=0x934] Error suppressed. [ hr = 0x80041316 "The task XML contains an unexpected node." ]
  2015-02-11 09:41:23.085 [pid=0x35c,tid=0x934] Completed get next GPO. [SUCCEEDED(S_FALSE)]
  2015-02-11 09:41:23.085 [pid=0x35c,tid=0x934] WQL : SELECT * FROM RSOP_PolmkrSetting WHERE polmkrBaseCseGuid = "{AADCED64-746C-4633-A97C-D61349046527}"
  2015-02-11 09:41:23.101 [pid=0x35c,tid=0x934] Purged 2 old RSoP entries.
  2015-02-11 09:41:23.101 [pid=0x35c,tid=0x934] Logging 2 new RSoP entries.
  2015-02-11 09:41:23.101 [pid=0x35c,tid=0x934] RSoP Entry 0
  2015-02-11 09:41:23.117 [pid=0x35c,tid=0x934] RSoP Entry 1
  2015-02-11 09:41:23.117 [pid=0x35c,tid=0x934] Completed get GPO list. [SUCCEEDED(S_FALSE)]
  Any input will be helpful.
  Thank you.

  Hi Martin,
    Please find it below
  <?xml version="1.0" encoding="UTF-8"?>
  -<ScheduledTasks clsid="{CC63F200-7309-4ba0-B154-A71CD118DBCC}">-<TaskV2 clsid="{D8896631-B747-47a7-84A6-C155337F3BC8}" removePolicy="0" userContext="0" uid="{1E0044F0-305A-48ED-A432-DDF4E5AB50BC}"
  changed="2015-02-11 09:07:27" image="2" name="AssetExplorer">-<Properties name="AssetExplorer" logonType="S4U" runAs="NT AUTHORITY\System" action="U">-<Task version="1.2">-<RegistrationInfo><Author>domain2\useradmin</Author><Description>Asset
  Explorer</Description></RegistrationInfo>-<Principals>-<Principal id="Author"><UserId>NT AUTHORITY\System</UserId><LogonType>S4U</LogonType><RunLevel>LeastPrivilege</RunLevel></Principal></Principals>-<Settings>-<IdleSettings><Duration>PT5M</Duration><WaitTimeout>PT1H</WaitTimeout><StopOnIdleEnd>false</StopOnIdleEnd><RestartOnIdle>false</RestartOnIdle></IdleSettings><MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy><DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries><StopIfGoingOnBatteries>false</StopIfGoingOnBatteries><AllowHardTerminate>false</AllowHardTerminate><AllowStartOnDemand>false</AllowStartOnDemand><Enabled>true</Enabled><Hidden>false</Hidden><ExecutionTimeLimit>P1D</ExecutionTimeLimit><Priority>7</Priority></Settings>-<Triggers>-<CalendarTrigger><StartBoundary>2015-02-05T23:00:00</StartBoundary><Enabled>true</Enabled>-<ScheduleByDay><DaysInterval>1</DaysInterval></ScheduleByDay><ExecutionTimeLimit>P1D</ExecutionTimeLimit></CalendarTrigger></Triggers>-<Actions
  Context="Author">-<Exec><Command>\\domain\NETLOGON\Global\mycommand.cmd</Command></Exec></Actions></Task></Properties></TaskV2> -<TaskV2 clsid="{D8896631-B747-47a7-84A6-C155337F3BC8}"
  removePolicy="0" userContext="0" uid="{0C27559B-07A6-4F36-A400-0D769B62BE93}" changed="2015-02-11 09:16:50" image="2" name="AssetExplorer">-<Properties name="AssetExplorer" logonType="S4U"
  runAs="NT AUTHORITY\System" action="U">-<Task version="1.1">-<RegistrationInfo><Author>domain2\useradmin</Author><Description>Asset Explorer</Description></RegistrationInfo>-<Principals>-<Principal
  id="Author"><UserId>NT AUTHORITY\System</UserId><LogonType>S4U</LogonType><RunLevel>LeastPrivilege</RunLevel></Principal></Principals>-<Settings>-<IdleSettings><Duration>PT5M</Duration><WaitTimeout>PT1H</WaitTimeout><StopOnIdleEnd>false</StopOnIdleEnd><RestartOnIdle>false</RestartOnIdle></IdleSettings><MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy><DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries><StopIfGoingOnBatteries>false</StopIfGoingOnBatteries><AllowHardTerminate>false</AllowHardTerminate><AllowStartOnDemand>false</AllowStartOnDemand><Enabled>true</Enabled><Hidden>false</Hidden><ExecutionTimeLimit>P1D</ExecutionTimeLimit><Priority>7</Priority></Settings>-<Actions
  Context="Author">-<Exec><Command>\\domain\NETLOGON\Global\mycommand.cmd</Command></Exec></Actions>-<Triggers>-<CalendarTrigger><StartBoundary>2015-02-05T23:00:00</StartBoundary><Enabled>true</Enabled>-<ScheduleByDay><DaysInterval>1</DaysInterval></ScheduleByDay><ExecutionTimeLimit>P1D</ExecutionTimeLimit></CalendarTrigger></Triggers></Task></Properties></TaskV2>
  </ScheduledTasks>

• [Forum FAQ] Group Policy Preferences Scheduled Tasks Item not working when the option Run whether user is logged on or not is selected

  Scenario:
  We use one of the following Group Policy Preferences Scheduled Tasks item to deploy a task to clients:
  Computer Configuration -> Control Panel Settings -> Scheduled Tasks -> New -> Scheduled Task (At least Windows 7)
  Computer Configuration -> Control Panel Settings -> Scheduled Tasks -> New -> Immediate Task (At least Windows 7)
  User Configuration -> Control Panel Settings -> Scheduled Tasks -> New -> Scheduled Task (At least Windows 7)
  User Configuration -> Control Panel Settings -> Scheduled Tasks -> New -> Immediate Task (At least Windows 7)
  (Note that on some platforms, "At least Windows 7" is replaced with "Windows Vista and later.")
  After designating a user account to run the task, we select “Run whether user is logged on or not” option, and “The Do not store password…”
  check box is automatically grayed out (See Figure 1).
  Figure 1
  After finishing configuring the task item, on a client, we run command
  gpupdate/force to forcefully update group policy. However, on the client, when we check if the task is listed in Task Scheduler snap-in, the task is not displayed, and when we run
  gpresult/h report.html to collect group policy result for troubleshooting, we see an error as similar as shown in the following figure (Figure 2).
  Figure 2
  Cause:
  To make the scheduled task run whether the user is logged on or not, we need to store the password of the designated user account. However, for the content of the scheduled
  task item is stored in Sysvol where it’s not safe to store passwords, this function has been deprecated.
  Workaround:
  We can run the task with system account
  NT Authority\System, or we can use specific user accounts to run the task when the given user is logged on. (See Figure 3)
  Figure 3
  Reference:
  MS14-025: Vulnerability in Group Policy Preferences could allow elevation of privilege: May 13, 2014
  http://support.microsoft.com/kb/2962486
  Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

  Hello Everyone,
  Succeeded !!!!!!!
  Even i was struggling with this same Problem to execute a batch via Window scheduler and set the setting to "Run whether the user is logged in or not".
  I tried many time but the batch runs with " Run
  whether user is logged on" and not with "Run
  whether user is logged on or not".
  what i discovered is that there was one mapped drive
  path in my batch file which was not the complete path like y:/AR.qvw actually what i did i changed that map path to the complete path like \\servnamename\d$\AR.qvw and the batch executed successfully with the setting "Run
  whether user is logged on or not"
  The
  conclusion is that check the dependency of the script on external resources because when you check this option "Run
  whether user is logged on or not" It actually conflicts. This my discovery.
  If
  you have any question write me on [email protected]
  Thanks
  & Regards,
  Arun

• Scheduled Task as Service Account - Failed to Start 2147943785

  I am attempting to run some powershell scripts that update membership of groups based on role attribute on users, then also grabs members of some groups and updates other groups with these members.
  I've delegated access through "security" to give this service account write:member and write:memberof for the Groups OU and write:memberof for the OUs containing the user accounts.
  I've updated my Default Domain Policy to give this service account Log On As Batch Job permissions.
  The scheduled task is running from a Domain Controller.
  When I attempt to run the task as the service account I receive the following:
  Task Scheduler failed to start "\SITE Role Membership" task for user "DOMAIN\GroupScripts$". Additional Data: Error Value: 2147943785.
  What am I missing here?

  Hi Allister,
  Please follow these steps t troubleshoot:
  Type "gpedit.msc", try to configure the following policy:
   [Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment]
  1.  Log on as a batch job.
  2.  Allow log on locally.
  Add the service sccount domain\username to these two policies.
  Refer to:
  Task Scheduler failed to start - Additional
  Data: Error Value: 2147943785
  If there is anything else regarding this issue, please feel free to post back.
  Best Regards,
  Anna Wang

• Group Policy Shortcut Fails to Get Created

  I get the following error in the Event Log.
  Log Name:      Application
  Source:        Group Policy Shortcuts
  Date:          2/28/2014 4:55:55 PM
  Event ID:      4098
  Task Category: (2)
  Level:         Warning
  Keywords:      Classic
  User:          SYSTEM
  Description:
  The user 'Receiver' preference item in the 'Startup Items {48A48B27-F3CE-464F-AE8F-E303263707B9}' Group Policy object did not apply because it failed with error code '0x80070002 The system cannot find the file specified.' This error was suppressed.
  I was trying to put "C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe" into the startup folder for members of a specific group. That file exists, it's there, I've put the short cut to it manually into Startup and it works. This
  makes no rational sense at all. The file is most certainly there, why doesn't it see the file? 
  All other shortcuts from GPP work fine.  Here are the properties below:
  Target type
  File system object
  Shortcut path
  %StartUpDir%\Citrix Receiver
  Target path
  "C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe"
  Start in
  "C:\Program Files (x86)\Citrix\SelfServicePlugin\"
  Shortcut key
  None
  Run
  Normal window
  Arguments --showAppPicker
  Options
  Stop processing items on this extension if an error occurs on this item
  No
  Run in logged-on user's security context (user policy option)
  Yes
  Remove this item when it is no longer applied
  Yes

  Hi,
  Based on my knowledge, this event is most likely related to permissions. We need to make sure that users can access the shortcut file. 
  Besides, which startup folder do we use?
  As stated in the following thread by Darien, Windows has two Startup folders:
  Windows has two Startup folders.
  One located in
  c:\users\xxxx\appdata\roaming\microsoft\windows\start menu\programs\startup.  This one is owned and controlled by the interactive user; therefore, he or she can write to this folder.
  The other one is located at
  c:\programdata\microsoft\windows\start menu\programs\startup.  This folder is a system folder in which interactive users must provided elevated credentials.
  Startup Folder
  http://social.technet.microsoft.com/Forums/windows/en-US/76520783-6667-4f38-8ab9-cdefab3bd4aa/startup-folder?forum=w7itproui
  Hope it helps.
  Best regards,
  Frank Shen

• Processing of Group Policy failed - User Policy - Windows 7

  OP:
  http://social.technet.microsoft.com/Forums/en-US/w7itpronetworking/thread/191f1ee1-a551-446b-9808-ff66a952bb25
  When running a gpupdate I get the following message:
  Updating Policy...
  User policy could not be updated successfully. The following errors were encount
  ered:
  The processing of Group Policy failed. Windows could not authenticate to the Act
  ive Directory service on a domain controller. (LDAP Bind function call failed).
  Look in the details tab for error code and description.
  Computer Policy update has completed successfully.
  To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
  rom the command line to access information about Group Policy results.
  This only happens on one computer under a certain account; other accounts work fine and the problem account works fine on other computers. Therefore the problem is located on the Windows 7 computer.
  I have tracked it down to an LDAP error code 49. 
  I tried the MS sollution (http://technet.microsoft.com/en-us/library/cc727283(v=ws.10).aspx) but the credentials are sound.
  I can also connect to the DC with LDP.exe fine. 
  Here are the diagnostic read outs (GPResult was too long to post):
  Log Name:      System
  Source:        Microsoft-Windows-GroupPolicy
  Date:          2/29/2012 1:56:09 PM
  Event ID:      1006
  Task Category: None
  Level:         Error
  Keywords:     
  User:          Domain\UserAccount
  Computer:      Win7-ComputerA.FQDomain
  Description:
  The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" />
      <EventID>1006</EventID>
      <Version>0</Version>
      <Level>2</Level>
      <Task>0</Task>
      <Opcode>1</Opcode>
      <Keywords>0x8000000000000000</Keywords>
      <TimeCreated SystemTime="2012-02-29T19:56:09.732842600Z" />
      <EventRecordID>32458</EventRecordID>
      <Correlation ActivityID="{CECE6DDC-E7CC-4563-8109-E62382F645D4}" />
      <Execution ProcessID="984" ThreadID="3688" />
      <Channel>System</Channel>
      <Computer>Win7-ComputerA.FQDomain</Computer>
      <Security UserID="S-1-5-21-416373151-1271962822-2142307910-40105" />
    </System>
    <EventData>
      <Data Name="SupportInfo1">1</Data>
      <Data Name="SupportInfo2">5012</Data>
      <Data Name="ProcessingMode">0</Data>
      <Data Name="ProcessingTimeInMilliseconds">1326</Data>
      <Data Name="ErrorCode">49</Data>
      <Data Name="ErrorDescription">Invalid Credentials</Data>
      <Data Name="DCName">
      </Data>
    </EventData>
  </Event>
  Windows IP Configuration
     Host Name . . . . . . . . . . . . : WIN7-ComputerA
     Primary Dns Suffix  . . . . . . . : FQDomain
     Node Type . . . . . . . . . . . . : Hybrid
     IP Routing Enabled. . . . . . . . : No
     WINS Proxy Enabled. . . . . . . . : No
     DNS Suffix Search List. . . . . . : FQDomain
                                         ParentDomain
  Ethernet adapter Local Area Connection:
     Connection-specific DNS Suffix  . : FQDomain
     Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connecti
  on
     Physical Address. . . . . . . . . : 00-21-CC-5F-CF-DF
     DHCP Enabled. . . . . . . . . . . : Yes
     Autoconfiguration Enabled . . . . : Yes
     IPv4 Address. . . . . . . . . . . : 216.71.244.28(Preferred)
     Subnet Mask . . . . . . . . . . . : 255.255.255.0
     Lease Obtained. . . . . . . . . . : Wednesday, February 29, 2012 12:38:25 PM
     Lease Expires . . . . . . . . . . : Thursday, March 01, 2012 12:38:24 PM
     Default Gateway . . . . . . . . . : 216.71.244.1
     DHCP Server . . . . . . . . . . . : 216.71.244.2
     DNS Servers . . . . . . . . . . . : 216.71.244.2
                                         216.71.240.120
                                         216.71.240.132
     Primary WINS Server . . . . . . . : 216.71.244.2
     Secondary WINS Server . . . . . . : 216.71.240.130
                                         216.71.240.122
     NetBIOS over Tcpip. . . . . . . . : Enabled
  Wireless LAN adapter Wireless Network Connection:
     Media State . . . . . . . . . . . : Media disconnected
     Connection-specific DNS Suffix  . :
     Description . . . . . . . . . . . : Intel(R) WiFi Link 1000 BGN
     Physical Address. . . . . . . . . : 8C-A9-82-B0-67-E8
     DHCP Enabled. . . . . . . . . . . : Yes
     Autoconfiguration Enabled . . . . : Yes

  Hi,
  It sound like port blocking issue, Seems your client system connecting 216.71.240.x DNS Servers as a logon server and which seems on different subnet
  as per subnet mask, So there must be a router or firewall in between and so it might be Active directory ports are being blocked.
  So first for testing purpose just remove other
  216.71.240.x DNS
  servers from TCP/IP configuration and clear dns cache
  ipconfig/flushdns
  and restart the system. check if it works.
  or run this command on DC
  dcdiag /test:dns
  and share the error report.
  Cheers!
  Sanjay

• Failed to Connect "Group Policy Client Service" Windows 7 x64

  This error pops up everytime boot / start-up. I've tried everything, for the last month.  including
  http://support.microsoft.com/kb/2421599 In the "Resolution Section" did step by step, But did not work for me...
  Also
  http://blogs.technet.com/b/mempson/archive/2010/01/10/userenvlog-for-windows-vista-2008-win7.aspx  Didn't work either.  :(
  Is this a Winlogin problem? Or does have to do with other computers in my homegroup?
  But in Safe Mode & Safe Mode with Networking, this issue does Not appear / pop-up at start up. "Group Policy Client Service"
  ""HP Premium Remote Services"" tells me that in order to fix, I have to Re-Install Windows. And have been in contact today with Hp Premium Remote Services for over 7 hours with NO Resolution!!
  Hate to make a Recovery Partition on a New PC, in order to Re-Install Windows...
  This is a Brand New HP Pavilion HPE H8-1234 AMD Processor that I installed on 7/23/2012. Running windows 7 64-bit home premium, OS: Internet Explorer 9.
  Have a copy of Windows 7 Ultimate using Anytime Upgrade, My question is would that rectify the "Group Policy Client Service" error?
  Always run MalwareBytes Anti-Malware and Hitman Pro, in addition with Norton, on a regular basis. So that I know my system is clean...
  Any MS Engineers or Tech's have any ideas, suggestions OR help, How to Fix this issue,With-Out having to use: System Recovery/Restore. To factory condition...
  Would be Very Greatly Appreciated! HELP Me Pleeeze !!!!
  ***Because this issue Baogles my Mind! After all I'am only dealing with half a Brain, LOL- Due to Brain Tumor Surgery...

  I FOUND SOLUTION TO THIS PROBLEM!
  I had this issue on my laptop since November, and it really bugged me.  I sifted through the event log and found the pattern of events that preceded the issue, and, probably, caused it.
  In short, the pattern is as follows: Windows updates run automatically as scheduled, and when reboot is initiated after the updates are finished, the computer crashes (probably during reboot sequence).  When it boots up, it reports that the last shutdown
  was unexpected, and the issue begins to occur.
  I spent 2 days trying to dig out a solution from the Internet, to no avail, until I came across
  this page.  It doesn't say anything about this particular problem, but it gives more information about SVCHOST process that starts many services, including Group Policy Client.  It looks like during reboot a vital registry settings were lost during
  crash and Group Policy Client "doesn't know" how to start.  Let me explain:
  There are two places to look in the registry:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services this path should contain
  gpsvc key (a folder), which is responsible for service parameters and configuration.  I found that the key was intact, so, you do not touch anything here - just check that the key exists.
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SVCHOST This is the most important path you should look into, as it must contain the keys and values referred in the key #1.  Below are descriptions what must be present
  there.
  There must be Multi-String value called GPSvcGroup. My laptop was missing it.  So, you should create multi-string value named
  GPSvcGroup and assign it value GPSvc.
  Next, you must create a key (a folder) and name it GPSvcGroup - this key normally should be there, but, again, it was missin on my laptop.
  Then open newly-created GPSvcGroup folder and create 2 DWORD values:
  First called AuthenticationCapabilities and you must give it a value of 0x00003020 (or 12320 in decimal)
  Second is called CoInitializeSecurityParam and it must have value of 1.
  Once you complete all steps above, reboot the computer and the problem will be fixed.
  I am so relieved I was able to fix it, and hope this will help others with the similar issue.
  Here is the link to the video walkthrough if you have any troubles understanding what has to be done: http://youtu.be/4m5KEmckWK4
  I did try the above, but it did not fix my issue with the ""group policy client service failed the logon".
  This problem was happening on 5 different RDS Nodes. All I did was rename the Roaming Profile, then delete the locally stored profile on each RDS Server: right click COMPUTER > PROPERTIES > ADVANCED SYSTEM SETTINGS > USER PROFILES > delete the
  offending User(s).
  Hope that helps.
  Life is dangerous, no one has ever survived. So enjoy!

• Group Policy Client service failed the sign-in

  After doing an OSD with a Windows 8.1 reference image, I get the "The Group Policy Client service failed the sign-in. The Universal unique identifier (UUID) type is not supported." message. It only shows up on the first very first log in, right
  after the OSD process has completed, and never shows up again. I'm using basic OSD task sequences right now, but I'm not sure where to pinpoint the cause of this message.

  Hi,
  This is only happening when we use the original RTM ISO en_windows_8_1_enterprise_x64_dvd_2791088.iso
  (without any software update), if we instead use the en_windows_8_1_enterprise_x64_dvd_2971902.iso the error is gone.
  Apparently this ISO is updated with the
  Windows 8.1 and Windows Server 2012 R2 General Availability Update Rollup
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.