Intermittend DNS resolution, timeserver, group policy updates errors in client logs in Win 2012 R2 single server environement

Similar Messages

• Eventlog 1030 group policy update error on Windows 2012 member server

  group policy update is failing with event ID 1030
  Computer policy is getting applied but User policy Failes. Other windows 2012 servers are successfully updating.
  gpupdate /force
  Updating policy...
  Computer Policy update has completed successfully.
  User Policy could not be updated successfully. The following errors were encount
  ered:
  The processing of Group Policy failed. Windows attempted to retrieve new Group P
  olicy settings for this user or computer. Look in the details tab for error code
  and description. Windows will automatically retry this operation at the next re
  fresh cycle. Computers joined to the domain must have proper name resolution and
  network connectivity to a domain controller for discovery of new Group Policy o
  bjects and settings. An event will be logged when Group Policy is successful.
  To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
  rom the command line to access information about Group Policy results.

  Hi,
  Before going further, I assume that the user account we were using is a domain account. As a result, we can use this account to log onto other domain computers to see if its
  user policy settings can be updated successfully.
  Besides, for troubleshooting this issue, we can try to retrieve Gpsvc.log to check this issue.
  Regarding how to enable logging in the Gpsvc.log file, the following blog can be referred to for more information.
  How to enable GPO logging on windows 7 /2008 r2 ?
  http://blogs.technet.com/b/csstwplatform/archive/2010/11/09/how-to-enable-gpo-logging-on-windows-7-2008-r2.aspx
  Best regards,
  Frank Shen

• Group Policy Printers errors

  Hello everybody,
  We have a problem since few weeks with printers deployment.
  Intermittently, they are not deployed and we have errors 4098 in Event ID with codes :
  - '0x8007000a The environment is incorrect'
  - '0x8007007a The data area passed to a system call is too small'
  - '0x80070005 Access denied'
  Our server is a Windows 2008 R2 and clients are Windows7.
  We have already read these topics :
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/24dfd6c0-b460-40a7-ad18-13e404b361e7/group-policy-printers-dissapearing-from-client-machines-intermittently
  It was already enabled (Computer Configuration\Administrative Templates\System\Group Policy\Printers Policy Processing -> 
  Do not apply during periodic background processing)
  http://www.experts-exchange.com/Software/Server_Software/Active_Directory/Q_26220975.html
  We have tried to delete printers at logoff but nothing changed.
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/7d3809c4-9f36-4412-9c9f-d82614ba3eb9/printers-not-applied-error-4098-0x80070005-access-is-denied
  By default we have everybody can print. To be sure, we have added "Domain Computers" but same result.
  We have tried to create :
  - New GPO to deploy old printers queues => no changes.
  - New printers queues and deploy with old GPO => no changes.
  - New GPO to deploy new printers queue => no changes.
  Our GPO is set like this :
  - [Computer configuration/Policies/Administrative Templates/System/Group Policy]
  ○ Configure printers preference extension policy processing => all enabled
  ○ Configure user Group Policy loopback processing mode => Merge
  - [User configuration/Preferences/Control Panel Settings/Printers/Shared Printer/printername]
  ○ General => Sharepath
  \\server\printername
  ○ Common => Remove this item when it is no longer applied
  In a desperate hope we have reinstall completely some clients but we still have sometimes "Environment is incorrect".
  We don't know anymore what to do…
  Can you help us please ?

  Hello,
  Do you have installed the latest Microsoft hotfixes on your server / client
  KB2537549 - Cannot deploy a printer by using a GPO if read-only domain controllers
  are exclusively used in the domain environment in Windows 7 or in Windows Server 2008 R2. This hotfix contains the most current version of PRINTER Group Policy Preferences for Windows 7/2008 Post SP1.
  KB2647753 - Update rollup for the printing core components in Windows 7 and
  Windows Server 2008 R2.
  KB2526028 - Printing performance decreases in Windows 7 or in Windows Server
  2008 R2.
  KB2618574 - Print Spooler service saves the NetBIOS name of the print server
  in Windows 7 or in Windows Server 2008 R2
  A list of other post-SP1 hotfixes can be found here...
  Links to post
  SP1 hotfixes for Windows 7 Service Pack 1
  Links
  to post SP1 hotfixes for Windows Server 2008 R2 Service Pack 1
  List of performance
  hotfixes post SP1 for Windows 7 SP1
  Jan

• Event ID 1058 Group Policy Preprocessing Error Code 3

  You will see this in the event logs, the processing of group policy failed. It is trying to process a policy that doesn't exist. After reading http://technet.microsoft.c the
  first resolution Error code 3 (The system cannot find the path specified) lead me to this --> http://support.microsoft.c
  4. In the right details pane, double-click DisableDFS.  
  This entry doesn't exist but if I add it, it works. Problem is solved on machine 1. 
  Machine 2. This is a brand new Windows 7 setup to investigate this problem because it appears on a lot of the workstations and I have no idea why. Applying this fix did NOT solve the problem. I am a bit stuck. I have new GPs to roll out but they
  won't apply with this error in place.
  I can ping the logon server just fine and I can get to \\FQDN\sysvol as well. gpupdate /force shows the same error in the event log.

  Hi,
  Have you tried all steps in the link:
  http://support.microsoft.com/kb/314494?
  Verify you can read gpt.ini using the full network path, full network path to the gpt.ini as \\<dcName>\SYSVOL\<domain>\Policies\<guid>\gpt.ini where <dcName> is the name of the domain controller,
  <domain> is the name of the domain, and <guid> is the GUID of the policy folder.
  Please post the full event message for further analysis. In addition, we need to know that what policy did you set that could not be applied.
  Regards,
  Yan Li 
  Regards, Yan Li

• Drive restriction group policy causes error message when accessing Open and Save As Dialog Boxes on Windows 8.1

  We are running Windows 8.1 Pro x86
  I am really curious as to why the drive restriction group policy causes the error message to pop up:
  "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator."
  It does not prevent from actual saving so functionality is not lost but it really annoys our end users and we're getting a lot of complaints. We cannot use the workaround of hiding drives instead of restricting as this still presents security issues. This
  is happens when saving (or clicking on a button like "Browse" that opens the 'Open' dialogue box) in all Office 2013 applications, Internet Explorer, Paint, Notepad, and probably most others. I've looked at many forums and no suggestions for workarounds
  have succeeded for us to get rid of this error message and in fact, I read a post that stated that someone contacted Microsoft and they said this was by design and there is no workaround. I find this very unfortunate that we either have the choice of compromising
  security or annoying our end users. It seems to me like the new dialogue box in Windows 8.1 (and maybe 8?) attempts to access the local drive under the logged in user's account before it actually opens up the dialogue box which conflicts with the group policy
  that restricts access to the drive.
  Has anyone at all had any luck getting this to go away without removing the restrictions? It seems like the answer is either buried in the Windows code or somewhere in the registry.
  Thank you in advance for your time!

  Thank you for your time and response! Unfortunately, we have the machine locked down pretty tight (they are public use computers that require heavy restriction) and it is set to restrict all drives so access is limited to the local profile. We did try
  testing your method, however, by adding the Desktop as an allowed location in the Office policy (which would not solve the issue for the other applications but was good for a test) using the path %userprofile%\desktop. When choosing that location, it does
  not throw the error but unfortunately, it does not remember like it did for your with the E: drive so it still always throws the error when first loading the dialogue box no matter what I do. If you're able to confirm that this is simply by design and we're
  just expected to inform our users to click through the errors, then I guess that's the accepted answer. Although, do you think that there might be a registry key value that is set after you save to the E: drive for the first time? Maybe we could set that value
  to %userprofile%\desktop if it's doing the redirection after the first save through registry. Thanks again!

• Group Policy Printer Error

  I am getting the following warning in my Application Log:
  Code Snippet
  The user '<Printer Name>' preference item in the 'Default Domain Policy {31B2F340-016D-11D2-945F-00C04FB984F9}' Group Policy object did not apply because it failed with error code '0x8007007b The filename, directory name, or volume label syntax is incorrect.' This error was suppressed.
  This fires off about every 1.5 hours.  Is there a way to root out and stop this warning?
  Thanks!

  It is being reapplied through background refresh, which happens about every 90 minutes.  Remove the printer mapping from your Default Domain Policy and you'll stop getting the error message.

• Group Policy Results Error

  Hello
  When i want to get Group policy Results for one Computer in Domain came out this error: (Environment win2k8 and win7)

  Hi Amir,
  >>When i want to get Group policy Results for one Computer in Domain came out this error
  Before going further, we can try to run command gpresult/h gpreport.html
  with admin privileges on the computer to see if we can successfully collect group policy result.
  Best regards,
  Frank Shen

• Group Policy Printer Error (0x80070005 Access Denied)

  I am trying the deploy two network printers via group policy using Server 2008 R2 SP1. I created the GPO and added the printers from our print server under computer configuration so that it will apply to the computers, not just the users. After a computer in
  the correct OU Gpupdates I recieve the following error in it's application event log:
  WARNING: GROUP POLICY PRINTERS
  Group Policy object did not apply because it failed with error code 0x80070005 Access is Denied. This error was suppresed.
  Any suggestions or thoughts are appreciated. I have been dealing with this error and trying the figure it out for awhile now. 

  Hi,
  This issue mostly can be caused due to the incorrect permission settings.
  Please try to perform the troubleshooting steps the following Microsoft TechNet blog provides.
  Group Policies and Access Denied
  http://blogs.technet.com/b/matthewms/archive/2005/10/29/413275.aspx
  Regards,
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• How to force group policy update remotely in a bunch of desktops(computers name in a textfile) by using powershell script?

  Hi,
  I want to force group policy on a collection of computers remotely.The name of computers can be stored in a text file.
  By using this info. (about computer names) , Could you please guide me writing a Powershell script for this.
  Thanks in advance.
  Daya

  This requires that PSRemoting is enabled in your environment.
  $Computers = Get-Content -Path 'C:\computers.txt'
  Invoke-Command -ComputerName $Computers -ScriptBlock {
  GPUpdate /Force

• Group Policy Shortcut Error

  Hi All
  I am trying to create a shortcut via GP to point to our print server, so people can connect to optional printers. we have the following settings set in the policy.
  Action Create
  Type: File System Object
  Path: Desktop
  Target: "\\server"
  Icon Path: C:\Windows\System32\imageres.dll
  Icon index: 48
  Shortcut Key: none
  Run: normal window
  But this is not working and is throwing the following error in a gpresult: Result: Failure (Error Code: 0x80070002)
  Does anyone have any ideas why this is happening?
  Thanks,
  Richard

  Please edit the policy as a "Shell Object". 
  http://technet.microsoft.com/en-us/library/cc753580.aspx
  Alper YAZGAN *

• Group policy template for Novell Client for Windows 7

  Does anyone know if there is a group policy template for the Novell Client for Windows 7? I find it really hard to believe that Novell has not yet released one, but I cannot find one anywhere. We use ZCM 11.2, and I really need to be able to send out settings for the client via a group policy.
  By the way, I am also posting this on the Novell Client forum, but since this is also a ZCM thing, I am hoping I might get some feedback here.
  Rick P

  Two recent/new resources are available for the Novell Client 2 SP3 for Windows:
  Cool Solutions AppNote: Novell Client 2 SP3 for Windows: Registry Settings
  Novell Client 2 SP3 for Windows: Registry Settings | Novell User Communities
  Cool Solutions Tool: Group Policy Administrative Template for Novell Client 2 SP3 for Windows
  Group Policy Administrative Template for Novell Client 2 SP3 for Windows | Novell User Communities

• Windows Server 2008 Standard: Multiple Concerns: Inconsistent group policy update on client PC's, frequent disconnections of map drives and remote connection

  Hi this is my first time to ask a question here in this community.
  I am a system administrator here at my work and we are having some issues on some servers that we handle. Network in our office is stable and we have determined it is not a problem on the connection.
  First issue - One of our domain controller consistently drops out on our Directory Server and saying it's unavailable.
  Second issue - Unable to ping hostname but IP address works fine. (Sometimes hostname is ok but very intermittent)
  Third issue - Since connection is unstable map drives causes to disconnect
  If someone can provide any assistance on this matter it would be a great help. If screenshots needed for proper assistance would be appreciative.
  Just to add that this only happen after a power failure last April of this month and a few weeks bluescreen started to show. It is a hazy version wasn't able to get any code that may lead to a hardware failure. 
  Now our main RDC.local is also affected so we are trying to isolate this issue and exhauted my brain since we cannot determine what causes it. Need external assistance just to give us a lead on where we can get this resolved.

  Hi Ryan,
  Before going further, would you please let me confirm something more? Thanks for your understanding.
  1. For first issue, would you please let me know OS edition information of the problematic DC? Was it Windows Server 2008 R2 or Windows Server 2012 or any other?
  à
  One of our domain controller consistently drops out on our Directory Server and saying it's unavailable.
  Would you please let me know the complete error message or provide a screenshot of it?
  (Please hide all protected or private information.) Meanwhile, please log on the problematic DC and check if find relevant events or errors in Event Viewer.
  2. For the second issue, it seems to be a DNS issue. Did you run
  ipconfig /flushdns and ipconfig /registerdns command? Any find? Meanwhile, please use
  ipconfig /all to display full TCP/IP configuration and check. Or you can post the
  ipconfig result here. It may help us to go further analyze. By the way, would you please let me know error message that you can get when be unable to ping via hostname?
  3.
  àSince connection is unstable map drives causes to disconnect
  May be a cause.
  If any update, please feel free to let me know.
  Hope this helps.
  Best regards,
  Justin Gu

• Error creating a new BPEL domain in a 2 server environment with common DS

  I want to create two new BPEL domains, one for production and one for test env
  instead of using the default domain.
  There are two application servers with BPEL PM (10.1.2.0.2) using the same
  Dehydration Store. Active-Active mode, no cluster.
  A new BPEL domain is created successfully with BPEL Admin Console in server A.
  The problem is the server B knows nothing about the new domain. I cannot select
  the new domain on BPEL Console login page on server B.
  When I tried to create the same domain in server B the following error
  occured:
  Exception
  Operation failed because:
  Error updating domain index.
  An exception occurred while writing the domain index (id"szolinfo", ref "1") to
  the datastore; the exception reported is: ORA-00001: unique constraint
  (ORABPEL.DOM_PK) violated
  Please check that:
  + the machine hosting the datasource is physically connected to the
  network.
  + the connection pool properties as defined in the application server
  startup properties are valid.
  + the database schema for the OraBPEL server has been installed in the
  datasource.
  This is because the two servers are using the same database.
  The new domain require a new folder and a lot of files also inside the domains
  folder on server A and B. On server A this is created by BPEL Admin Console.
  How to create the same domain in server B?
  Are there any scripts/tools to use for this reason?

  These steps on Server B resolved the problem:
  1: cp -r domains/default domains/<new-domain-name>
  2. cd domain/<new-domain-name>/config
  3. Edit the following files by replacing the string 'default' with the name of your
  new created domain in the following
  elements/attributes:
  archive-config.xml: <value>/home/mla/app/bpel101202/integration/orabpel/domains/de
  fault/archive</value>
  domain.xml: <bpel-domain-descriptor version="2.0.6" id="default">
  4: In the case that the password for the domain is different compared to the default domain, the file 'auth.properties' has
  to be copied over from the server where the domain was created.
  5. Restart the BPEL PM

• SCCM 2007 Getting errors in Sender.logs "Cannot retrieve the FQDN of server PLOSCMWPINF01 from AD, Win32 error = 203"

  
  Please help me with this, I have checked the network connection and its fine.
  Cheers, Prabhakar Mishra SCCM Administrator

  Based on the log, it is trying to perform name resolution on the two systems and it fails. The first attempt is using DNS and the second -- which is failing also -- is trying to get the FQDN from AD (so that it can perform a DNS lookup on the entire FQDN
  instead of just the host name).
  Thus, there's no way for it to communicate with the specified system. This is first and foremost a DNS/name resolution issue. Fix that, and all will be well.
  Jason | http://blog.configmgrftw.com

• Domain Group Policy changes causes clients to be unable to connect to WSUS for Windows Updates

  Domain Controller is Windows Server 2008 R2 64-bit, Group Policy Management version 6.0.0.1. WSUS server is Windows Server 2008 Enterprise 32-bit, Update Services version 3.2.7600.226. Client machines are Windows 7, some are 64-bit and some are 32-bit.
  Every time we make any changes to any of our Group Policies most of our clients stop getting their Windows Updates from the WSUS server within 2-3 days. This occurs when we add a new policy for a group of users, temporarily disable a policy or edit a policy.
  Check of the WindowsUpdate.log on affected client machines shows:
  2014-06-25 13:40:44:976  760 1610 PT WARNING: GetAuthorizationCookie failure, error = 0x80072EE2, soap client error = 5, soap error code = 0, HTTP status code = 200
  2014-06-25 13:40:44:977  760 1610 PT WARNING: Failed to initialize Simple Targeting Cookie: 0x80072ee2
  2014-06-25 13:40:44:977  760 1610 PT WARNING: PopulateAuthCookies failed: 0x80072ee2
  2014-06-25 13:40:44:977  760 1610 PT WARNING: RefreshCookie failed: 0x80072ee2
  2014-06-25 13:40:44:977  760 1610 PT WARNING: RefreshPTState failed: 0x80072ee2
  2014-06-25 13:40:44:977  760 1610 PT WARNING: PTError: 0x80072ee2
  2014-06-25 13:40:44:977  760 1610 Report WARNING: Reporter failed to upload events with hr = 80072ee2.
  A further check of the log files shows:
  2014-06-21 19:36:06:995  156 1b0c Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <proxy server name:8080> Bypass List used : <(null)> Auth Schemes used : <>
  We do not use a proxy except for Internet connections. We configure IE with a pac file. This is set through Group Policy since we restrict user accounts from being able to set it. 
  The clients that are connecting to the WSUS server have these entries instead:
  2014-06-24 09:12:16:779  992 270 Agent Setting download properties on call A20329BC-3467-4B7E-B9F4-6AC6ACBA23E1: priority=3, interactive=1, owner is system=0, proxy settings=1, proxy session id=2
  I have a routine that will fix the problem but it is time-consuming and pulls me away from other things I should be doing:
  Run registry files on client machine (WindowsUpdate and AU) This is not always necessary and is already set by Group Policy and the affected clients already have the registry settings. No idea why it is necessary to do but it the steps below don't always
  work unless it is.
  netstop bits and netstop wuauserv
  ipconfig /flushdns
  Delete qmgr*.* files from Downloader folder
  Delete Software Distribution folder
  Run from command prompt:
  sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
  sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
  netstart bits and netstart wuauserv
  wuauclt /resetauthorization /detectnow
  Run Windows Updates again from Control Panel
  This routine always fixes the problem but I've found that I must do each step to guarantee success.
  How or where is the proxy setting being changed for WSUS that we see in the WindowsUpdate logs and how do I prevent this from happening? It is also curious that it happens to most but not all of the client machines. When it does happen it's not always the
  same client machines.

  You're right - the WSUS server is on the inside and does not need a proxy server. Tried running the netsh winhttp reset proxy command but was still not able to connect to the WSUS server. After running the netsh winhttp reset proxy command received response:
  Current WinHTTP proxy setting: Direct access <no proxy server>.
  Ran the command at 13:49 and then tried Windows Updates again. Here's snippet from the log file:
  2014-06-27 13:49:56:889  548 f6c AU Triggering AU detection through DetectNow API
  2014-06-27 13:49:56:890  548 f6c AU Triggering Online detection (interactive)
  2014-06-27 13:49:56:890  548 4b8 AU #############
  2014-06-27 13:49:56:890  548 4b8 AU ## START ##  AU: Search for updates
  2014-06-27 13:49:56:890  548 4b8 AU #########
  2014-06-27 13:49:56:893  548 4b8 AU <<## SUBMITTED ## AU: Search for updates [CallId = {9CE06AB2-E859-4B4D-8D1A-193AD89623C5}]
  2014-06-27 13:49:56:893  548 1260 Agent *************
  2014-06-27 13:49:56:893  548 1260 Agent ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
  2014-06-27 13:49:56:893  548 1260 Agent *********
  2014-06-27 13:49:56:893  548 1260 Agent   * Online = Yes; Ignore download priority = No
  2014-06-27 13:49:56:893  548 1260 Agent   * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1
  or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
  2014-06-27 13:49:56:893  548 1260 Agent   * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
  2014-06-27 13:49:56:893  548 1260 Agent   * Search Scope = {Machine}
  2014-06-27 13:49:56:893  548 1260 Setup Checking for agent SelfUpdate
  2014-06-27 13:49:56:893  548 1260 Setup Client version: Core: 7.6.7600.256  Aux: 7.6.7600.256
  2014-06-27 13:49:56:894  548 1260 Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab:
  2014-06-27 13:49:56:901  548 1260 Misc  Microsoft signed: Yes
  2014-06-27 13:49:56:927  548 1260 Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab:
  2014-06-27 13:49:56:934  548 1260 Misc  Microsoft signed: Yes
  2014-06-27 13:49:56:936  548 1260 Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab:
  2014-06-27 13:49:56:943  548 1260 Misc  Microsoft signed: Yes
  2014-06-27 13:49:56:956  548 1260 Misc Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab:
  2014-06-27 13:49:56:962  548 1260 Misc  Microsoft signed: Yes
  2014-06-27 13:49:56:974  548 1260 Setup Determining whether a new setup handler needs to be downloaded
  2014-06-27 13:49:56:974  548 1260 Setup SelfUpdate handler is not found.  It will be downloaded
  2014-06-27 13:49:56:974  548 1260 Setup Evaluating applicability of setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256"
  2014-06-27 13:49:56:976  548 1260 Setup Setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256" is already installed.
  2014-06-27 13:49:56:976  548 1260 Setup Evaluating applicability of setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256"
  2014-06-27 13:49:56:989  548 1260 Setup Setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256" is already installed.
  2014-06-27 13:49:56:989  548 1260 Setup Evaluating applicability of setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256"
  2014-06-27 13:49:57:007  548 1260 Setup Setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256" is already installed.
  2014-06-27 13:49:57:007  548 1260 Setup SelfUpdate check completed.  SelfUpdate is NOT required.
  2014-06-27 13:49:57:165  548 1260 PT +++++++++++  PT: Synchronizing server updates  +++++++++++
  2014-06-27 13:49:57:165  548 1260 PT   + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL =
  http://(FQDN of WSUS server)/ClientWebService/client.asmx
  2014-06-27 13:49:57:175  548 1260 PT WARNING: Cached cookie has expired or new PID is available
  2014-06-27 13:49:57:175  548 1260 PT Initializing simple targeting cookie, clientId = 6be4a1ae-3313-4855-bdb1-57e3312f03ec, target group = AGENCIES, DNS name = dpk2.clear-rcic.rcc.org
  2014-06-27 13:49:57:175  548 1260 PT   Server URL =
  http://(FQDN of WSUS server)/SimpleAuthWebService/SimpleAuth.asmx
  2014-06-27 13:50:57:280  548 1260 Misc WARNING: SendRequest failed with hr = 80072ee2. Proxy List used: <(proxy server):8080> Bypass List used : <(null)> Auth Schemes used : <>
  2014-06-27 13:50:57:281  548 1260 PT   + Last proxy send request failed with hr = 0x80072EE2, HTTP status code = 0
  2014-06-27 13:50:57:281  548 1260 PT   + Caller provided proxy = No
  2014-06-27 13:50:57:281  548 1260 PT   + Proxy list used = webgate.rcc.org:8080
  2014-06-27 13:50:57:281  548 1260 PT   + Bypass list used = <NULL>
  2014-06-27 13:50:57:281  548 1260 PT   + Caller provided credentials = No
  2014-06-27 13:50:57:281  548 1260 PT   + Impersonate flags = 0
  2014-06-27 13:50:57:281  548 1260 PT   + Possible authorization schemes used =
  2014-06-27 13:50:57:281  548 1260 PT WARNING: GetAuthorizationCookie failure, error = 0x80072EE2, soap client error = 5, soap error code = 0, HTTP status code = 200
  2014-06-27 13:50:57:281  548 1260 PT WARNING: Failed to initialize Simple Targeting Cookie: 0x80072ee2
  2014-06-27 13:50:57:281  548 1260 PT WARNING: PopulateAuthCookies failed: 0x80072ee2
  2014-06-27 13:50:57:281  548 1260 PT WARNING: RefreshCookie failed: 0x80072ee2
  2014-06-27 13:50:57:281  548 1260 PT WARNING: RefreshPTState failed: 0x80072ee2
  2014-06-27 13:50:57:281  548 1260 PT WARNING: Sync of Updates: 0x80072ee2
  2014-06-27 13:50:57:281  548 1260 PT WARNING: SyncServerUpdatesInternal failed: 0x80072ee2
  2014-06-27 13:50:57:281  548 1260 Agent   * WARNING: Failed to synchronize, error = 0x80072EE2
  2014-06-27 13:50:57:282  548 1260 Agent   * WARNING: Exit code = 0x80072EE2
  2014-06-27 13:50:57:282  548 1260 Agent *********
  2014-06-27 13:50:57:282  548 1260 Agent **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
  2014-06-27 13:50:57:282  548 1260 Agent *************
  2014-06-27 13:50:57:282  548 1260 Agent WARNING: WU client failed Searching for update with error 0x80072ee2
  2014-06-27 13:50:57:302  548 e04 AU >>##  RESUMED  ## AU: Search for updates [CallId = {9CE06AB2-E859-4B4D-8D1A-193AD89623C5}]
  2014-06-27 13:50:57:302  548 e04 AU   # WARNING: Search callback failed, result = 0x80072EE2
  2014-06-27 13:50:57:302  548 e04 AU   # WARNING: Failed to find updates with error code 80072EE2
  2014-06-27 13:50:57:302  548 e04 AU #########
  2014-06-27 13:50:57:302  548 e04 AU ##  END  ##  AU: Search for updates [CallId = {9CE06AB2-E859-4B4D-8D1A-193AD89623C5}]
  2014-06-27 13:50:57:302  548 e04 AU #############
  2014-06-27 13:50:57:303  548 e04 AU Successfully wrote event for AU health state:0
  2014-06-27 13:50:57:303  548 e04 AU AU setting next detection timeout to 2014-06-27 22:50:57
  2014-06-27 13:50:57:304  548 e04 AU Setting AU scheduled install time to 2014-06-28 05:00:00
  2014-06-27 13:50:57:304  548 e04 AU Successfully wrote event for AU health state:0
  2014-06-27 13:50:57:305  548 e04 AU Successfully wrote event for AU health state:0
  2014-06-27 13:51:02:285  548 1260 Report REPORT EVENT: {BD25B39C-6570-454C-A046-AF3AF2DEBDD4} 2014-06-27 13:50:57:282-0400 1 148 101 {00000000-0000-0000-0000-000000000000} 0 80072ee2 AutomaticUpdates Failure Software
  Synchronization Windows Update Client failed to detect with error 0x80072ee2.
  2014-06-27 13:51:02:295  548 1260 Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
  2014-06-27 13:51:02:295  548 1260 Report WER Report sent: 7.6.7600.256 0x80072ee2 00000000-0000-0000-0000-000000000000 Scan 101 Managed
  2014-06-27 13:51:02:295  548 1260 Report CWERReporter finishing event handling. (00000000)
  2014-06-27 13:51:48:184  548 4b8 AU ###########  AU: Uninitializing Automatic Updates  ###########
  2014-06-27 13:51:48:187  548 4b8 DnldMgr FATAL: DM:CBitsJob::SetCallbackHandler: SetNotifyInterface failed with 0x80080008.
  2014-06-27 13:51:48:187  548 4b8 DnldMgr FATAL: DM:CBitsJob::SetCallbackHandler: SetNotifyInterface failed with 0x80080008.
  2014-06-27 13:51:48:187  548 4b8 DnldMgr FATAL: DM:CBitsJob::SetCallbackHandler: SetNotifyInterface failed with 0x80080008.
  2014-06-27 13:51:48:187  548 4b8 DnldMgr FATAL: DM:CBitsJob::SetCallbackHandler: SetNotifyInterface failed with 0x80080008.
  2014-06-27 13:51:48:187  548 4b8 Report CWERReporter finishing event handling. (00000000)
  2014-06-27 13:51:48:252  548 4b8 Service *********
  2014-06-27 13:51:48:252  548 4b8 Service **  END  **  Service: Service exit [Exit code = 0x240001]
  2014-06-27 13:51:48:252  548 4b8 Service *************
  2014-06-27 13:51:53:002  548 160c Misc ===========  Logging initialized (build: 7.6.7600.256, tz: -0400)  ===========
  2014-06-27 13:51:53:002  548 160c Misc   = Process: C:\Windows\system32\svchost.exe
  2014-06-27 13:51:53:002  548 160c Misc   = Module: c:\windows\system32\wuaueng.dll
  Ran a batch file which resets the AU and WindowsUpdate registry keys and then runs the steps listed above:
  regedit /s C:\WindowsUpdate.reg
  regedit /s C:\AU.reg
  net stop bits
  net stop wuauserv
  Ipconfig /flushdns
  del C:\ProgramData\Microsoft\Network\Downloader\qmgr*.*
  del  /F /Q C:\Windows\SoftwareDistribution\*.*
  sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
  sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
  net start bits
  net start wuauserv
  wuauclt /resetauthorization /detectnow
  After this runs, am able to connect to WSUS server for updates. I mentioned Group Policy changes because this only breaks after the Group Policy changes. It doesn't affect every client machine but most of them. Was wondering how the proxy gets reset from
  none to the proxy server for Windows Updates?