Windows 7 Group Policy Processing - EventID 1058
I am having an issue with Windows 7 clients refreshing group policy. When I run gpupdate the user policy refreshes and the moves on to the computer policies but fails displaying the error below. Replication topology checks out, dcdiag returns
no errors and sysvol permissions look ok too. Curiously the same policies apply just fine on windows xp pro systems. The Domain Controller is running Server 2008 Enterprise Edt R2 SP1, I see no 1030 eventid's on the domain controllers as others
frequently report with this error. The domain is running at Windows Server 2003 functional level but I have creaded a PolicyDefinitions folder in the sysvol for admx files etc. Where to go from here? Does anyone have any suggestions/insight
as to what the issue may be?
The sysvol and the gpt.ini file is accessible from the Windows 7 client using UNC path.
Thanks in advance for any assistance given.
The error code listed is 0 which is not mentioned in this article
http://social.technet.microsoft.com/wiki/contents/articles/1456.aspx
## Error details
Log Name: System
Source: Microsoft-Windows-GroupPolicy
Date: 2/8/2012 2:38:09 PM
Event ID: 1058
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: win7box.abc123.net
Description:
The processing of Group Policy failed. Windows attempted to read the file
\\abc123.net\SysVol\abc123.net\Policies\{EB062BE8-CAF6-47B4-9B8B-27A19268C520}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused
by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" />
<EventID>1058</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>1</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2012-02-08T20:38:09.770740300Z" />
<EventRecordID>3972</EventRecordID>
<Correlation ActivityID="{24F60AA4-DC8D-4F6D-8787-9535072F03C0}" />
<Execution ProcessID="996" ThreadID="1148" />
<Channel>System</Channel>
<Computer>win7box.abc123.net</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="SupportInfo1">4</Data>
<Data Name="SupportInfo2">816</Data>
<Data Name="ProcessingMode">0</Data>
<Data Name="ProcessingTimeInMilliseconds">3354</Data>
<Data Name="ErrorCode">0</Data>
<Data Name="ErrorDescription">The operation completed successfully. </Data>
<Data Name="DCName">DC.abc123.net</Data>
<Data Name="GPOCNName">CN={EB062BE8-CAF6-47B4-9B8B-27A19268C520},CN=Policies,CN=System,DC=abc123,DC=net</Data>
<Data Name="FilePath">\\abc123.net\SysVol\abc123.net\Policies\{EB062BE8-CAF6-47B4-9B8B-27A19268C520}\gpt.ini</Data>
</EventData>
</Event>
## DCDiag Results (No RODC's hence NCSecDesc error )
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DC
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: North\DC
Starting test: Connectivity
......................... DC passed test Connectivity
Doing primary tests
Testing server: North\DC
Starting test: Advertising
......................... DC passed test Advertising
Starting test: FrsEvent
......................... DC passed test FrsEvent
Starting test: DFSREvent
......................... DC passed test DFSREvent
Starting test: SysVolCheck
......................... DC passed test SysVolCheck
Starting test: KccEvent
......................... DC passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC passed test MachineAccount
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=abc123,DC=net
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=abc123,DC=net
......................... DC failed test NCSecDesc
Starting test: NetLogons
......................... DC passed test NetLogons
Starting test: ObjectsReplicated
......................... DC passed test ObjectsReplicated
Starting test: Replications
......................... DC passed test Replications
Starting test: RidManager
......................... DC passed test RidManager
Starting test: Services
......................... DC passed test Services
Starting test: SystemLog
......................... DC passed test SystemLog
Starting test: VerifyReferences
......................... DC passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : abc123
Starting test: CheckSDRefDom
......................... abc123 passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... abc123 passed test CrossRefValidation
Running enterprise tests on : abc123.net
Starting test: LocatorCheck
......................... abc123.net passed test LocatorCheck
Starting test: Intersite
......................... abc123.net passed test Intersite
I shortened this down a good bit but here is the gist of it, my question is which context/user/account is being denied access to the .ini files? I have never used the streams utility but I'll give it a whirl and report back what I get. Most of
the cannot be accessed are probably just policies that are not applicable to the machine but the gpt.ini errors are baffling me.
New GPO - it appears that new GPOs are fine
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: Searching <cn={5D0EF3CD-7942-4A89-A879-4F9FDB3064BF},cn=policies,cn=system,DC=abc123,DC=net>
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: Machine has access to this GPO.
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: GPO passes the filter check.
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: Found functionality version of: 2
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: Found file system path of: <\\abc123.net\SysVol\abc123.net\Policies\{5D0EF3CD-7942-4A89-A879-4F9FDB3064BF}>
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: Found common name of: <{5D0EF3CD-7942-4A89-A879-4F9FDB3064BF}>
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: Found display name of: <gpoC-Win7Test>
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: Found machine version of: GPC is 0, GPT is 0
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: Found flags of: 0
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: No client-side extensions for this object.
GPSVC(3e4.80c) 12:43:27:510 ProcessGPO: GPO gpoC-Win7Test doesn't contain any data since the version number is 0. It will be skipped.
Older GPO's - not so fine
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={B34A8F23-269C-43D8-A097-2307729FBFF6},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: ==============================
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Searching <CN={55338992-95C9-4FA2-80E4-0ED4A623EE09},CN=Policies,CN=System,DC=abc123,DC=net>
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Machine has access to this GPO.
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: GPO passes the filter check.
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Found functionality version of: 2
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Found file system path of: <\\abc123.net\SysVol\abc123.net\Policies\{55338992-95C9-4FA2-80E4-0ED4A623EE09}>
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Found common name of: <{55338992-95C9-4FA2-80E4-0ED4A623EE09}>
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Found display name of: <gpoS-RealPlayerEnt6 - Security>
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Found machine version of: GPC is 0, GPT is 0
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Found flags of: 0
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: No client-side extensions for this object.
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: GPO gpoS-RealPlayerEnt6 - Security doesn't contain any data since the version number is 0. It will be skipped.
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: ==============================
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={C92FD413-E891-47E0-B554-BD7F9209D036},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={FEF33797-46D0-452A-B3D7-0BEEC2330592},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={CCBFECA5-2FF8-4512-8CE4-108C4092D009},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={767959D5-7AB6-4D55-A02E-3F54439CC7DA},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={10DCAC5E-9904-41FF-B678-E8514F481E56},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={3229FD3D-868A-4406-AFAF-6449ADBB4749},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={1DD39B5C-B930-4750-8EC3-42D0FB89A3B9},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={E10350D2-F632-4D5E-9668-4151596B1D77},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={86C864C5-C861-42FC-B728-BAEE81C9A091},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={FE1162BF-9FE2-4F04-A514-80A8E6D5F7CD},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={F68214D3-33F3-4F76-BE26-306D0237A048},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={CA6B06CE-C546-41F1-87FB-9013701AEF00},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={C8C9EFA2-90AA-4162-9051-23FD83B5CF62},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={DE445C4F-9A0F-488F-8769-C041CF2184AA},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={7CDB465C-55AC-4CBC-9C18-F3ADACDFEB46},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={F4E0F78E-BE36-4793-A8B1-83B2D67083F1},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={53359F0A-8C9B-4831-936F-3D47C4CC2694},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={6793DBEE-47B0-458D-8F1C-D92EB7015733},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={93919120-7113-47C0-AA38-0561EAB18E42},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={5ABD1D9E-07E4-4A53-B854-A2FFC3B257CB},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={71E2B86C-A4A0-47C0-9D7F-BDD6220B9FA4},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={4401CF1C-7839-4496-BB87-304A8AB917FC},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={1244CA5A-D654-4ED6-9374-148F1F3DA8ED},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={42875CF2-B9E9-4EFA-90C2-7ACA8882F1B7},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={6DD428B6-6B19-4A53-B172-57DB3E15A38E},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={983BFDAD-65F0-42B4-807A-E78DF275C352},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={AFA31A2D-07D8-4CB4-BE86-067A9624E324},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={77C9CA17-6359-4355-9FDF-F605F0441245},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={75D43291-6FA2-4B98-8422-228DDB45571B},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={870C6FB3-74CD-46E8-9D4D-E6E6C0A2B52D},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={2144E4CF-01C1-4C5B-984B-E9BD4461406F},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={7D9DB917-1245-46BD-AEBF-163A2F0FCD06},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={B7431941-5DAA-4DD2-A569-35C31B92B677},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={D01BF1D1-33C8-4FC3-95C3-5948A1EE1647},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={57D4AD83-3BBF-43C2-9A3B-F71F3E52C2A6},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={A8DB7DAC-42F0-43FC-99E1-F1AC15006101},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={56574927-6DC5-48A7-82F9-A00E820335F6},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={2FB6858E-8B1C-4C89-83B2-0EEE97D9A72B},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={93C56E3F-5334-4325-A328-0CCAFED0828B},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={1B64E00F-D3B6-49B6-B6C8-7AD0A8C9AEFA},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={81B4E46C-8249-4547-BC75-9A1FB395E282},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 EvalList: Object <CN={43D5184A-73C8-4BFD-9B09-33C70B8BC3C2},CN=Policies,CN=System,DC=abc123,DC=net> cannot be accessed
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: ==============================
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Searching <CN={0ABE0BCF-0BC5-481E-AC86-5768D00901D5},CN=Policies,CN=System,DC=abc123,DC=net>
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Machine has access to this GPO.
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: GPO passes the filter check.
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Found functionality version of: 2
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Found file system path of: <\\abc123.net\SysVol\abc123.net\Policies\{0ABE0BCF-0BC5-481E-AC86-5768D00901D5}>
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: Couldn't find the group policy template file <\\abc123.net\SysVol\abc123.net\Policies\{0ABE0BCF-0BC5-481E-AC86-5768D00901D5}\gpt.ini>,
error = 0x0. DC: DC2.abc123.net
GPSVC(3e4.80c) 12:43:27:541 ProcessGPO: ==============================
GPSVC(3e4.80c) 12:43:27:541 EvalList: ProcessGPO failed
GPSVC(3e4.80c) 12:43:27:541 GetGPOInfo: EvaluateDeferredGPOs failed. Exiting
GPSVC(3e4.80c) 12:43:27:541 GetGPOInfo: Leaving with 0
GPSVC(3e4.80c) 12:43:27:541 GetGPOInfo: ********************************
GPSVC(3e4.80c) 12:43:27:541 ProcessGPOs: GetGPOInfo failed.
GPSVC(3e4.80c) 12:43:27:541 ProcessGPOs: No WMI logging done in this policy cycle.
GPSVC(3e4.80c) 12:43:27:541 ProcessGPOs: Processing failed with error 87.
GPSVC(3e4.80c) 12:43:27:557 Application complete with bConnectivityFailure = 0.
GPSVC(3e4.80c) 12:43:27:557 Signalling 1 Refresh Policy callers
GPSVC(f84.df4) 12:43:27:557 Exiting RefreshPolicyForPrincipal with status = 0
GPSVC(3e4.80c) 12:43:27:557 GPLockPolicySection: Sid = (null), dwTimeout = 600000, dwFlags = 0
GPSVC(3e4.80c) 12:43:27:557 LockPolicySection called for user <Machine>
GPSVC(3e4.80c) 12:43:27:557 Sync Lock Called
GPSVC(3e4.80c) 12:43:27:557 Writer Lock got immediately.
GPSVC(3e4.80c) 12:43:27:557 Lock taken successfully
GPSVC(3e4.80c) 12:43:27:557 UnLockPolicySection called for user <Machine>
GPSVC(3e4.80c) 12:43:27:557 UnLocked successfully
Similar Messages
-
Windows Group policy on win XP via boot camp
i have a MBP 17" and im trying to block some web pages for a certain non admin user ....does Windows group policy or the GPMC still work on win XP pro via boot camp
thanksYes it should work fine. If you are planning to work your mac on your network, there are a few security items you will need to disable within the GPMC to be able to access shares on windows boxes - running windows though will have no differences as it is essentially just another windows box.
-
Group Policy processing failure on 2008 when MIX Domain 2003 with DC 2008
Dear I try to add additional Windows 2008 Domain to My Domain controller 2003 and I ma Receiving Group policy error in DC 2008 With Event ID 1055
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" />
<EventID>1055</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>1</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2014-03-06T14:36:44.411955300Z" />
<EventRecordID>3859</EventRecordID>
<Correlation ActivityID="{28DAD258-26D0-4C1E-A4B7-F37DEE04C8F1}" />
<Execution ProcessID="952" ThreadID="3276" />
<Channel>System</Channel>
<Computer>PRIMARYDC.Qtit.com</Computer>
<Security UserID="S-1-5-18" />
</System>
- <EventData>
<Data Name="SupportInfo1">1</Data>
<Data Name="SupportInfo2">1632</Data>
<Data Name="ProcessingMode">0</Data>
<Data Name="ProcessingTimeInMilliseconds">1578</Data>
<Data Name="ErrorCode">5</Data>
<Data Name="ErrorDescription">Access is denied.</Data>
</EventData>
</Event>
I install See KB939820 for a hotfix applicable to Microsoft DC 2003 regrading to he KRBTGT account
Refer Url : http://support.microsoft.com/kb/939820
I run dcdiag /v on and repadmin /showrepl at DC 2008
the dcdiag /v result
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine PRIMARYDC, is a Directory Server.
Home Server = PRIMARYDC
* Connecting to directory service on server PRIMARYDC.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Qtit,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=Qtit,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=PRIMARYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\PRIMARYDC
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... PRIMARYDC passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\PRIMARYDC
Starting test: Advertising
The DC PRIMARYDC is advertising itself as a DC and having a DS.
The DC PRIMARYDC is advertising as an LDAP server
The DC PRIMARYDC is advertising as having a writeable directory
The DC PRIMARYDC is advertising as a Key Distribution Center
The DC PRIMARYDC is advertising as a time server
The DS PRIMARYDC is advertising as a GC.
......................... PRIMARYDC passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
A warning event occurred. EventID: 0x800034C8
Time Generated: 03/06/2014 10:18:56
Event String:
The File Replication Service has detected an enabled disk write cache on the drive containing the directory c:\windows\ntfrs\jet on the computer PRIMARYDC. The File Replication Service might not recover when power to
the drive is interrupted and critical updates are lost.
A warning event occurred. EventID: 0x800034C8
Time Generated: 03/06/2014 10:53:21
Event String:
The File Replication Service has detected an enabled disk write cache on the drive containing the directory c:\windows\ntfrs\jet on the computer PRIMARYDC. The File Replication Service might not recover when power to
the drive is interrupted and critical updates are lost.
......................... PRIMARYDC passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
Skip the test because the server is running FRS.
......................... PRIMARYDC passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... PRIMARYDC passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... PRIMARYDC passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Role Domain Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Role PDC Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Role Rid Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SECONDAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
......................... PRIMARYDC passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC PRIMARYDC on DC PRIMARYDC.
* SPN found :LDAP/PRIMARYDC.Qtit.com/Qtit.com
* SPN found :LDAP/PRIMARYDC.Qtit.com
* SPN found :LDAP/PRIMARYDC
* SPN found :LDAP/PRIMARYDC.Qtit.com/QTIT
* SPN found :LDAP/e3d8c76c-1b59-4de6-9f7f-c438df9a2863._msdcs.Qtit.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/e3d8c76c-1b59-4de6-9f7f-c438df9a2863/Qtit.com
* SPN found :HOST/PRIMARYDC.Qtit.com/Qtit.com
* SPN found :HOST/PRIMARYDC.Qtit.com
* SPN found :HOST/PRIMARYDC
* SPN found :HOST/PRIMARYDC.Qtit.com/QTIT
* SPN found :GC/PRIMARYDC.Qtit.com/Qtit.com
......................... PRIMARYDC passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC PRIMARYDC.
The forest is not ready for RODC. Will skip checking ERODC ACEs.
* Security Permissions Check for
DC=ForestDnsZones,DC=Qtit,DC=com
(NDNC,Version 3)
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=Qtit,DC=com
* Security Permissions Check for
DC=DomainDnsZones,DC=Qtit,DC=com
(NDNC,Version 3)
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=Qtit,DC=com
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=Qtit,DC=com
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=Qtit,DC=com
(Configuration,Version 3)
* Security Permissions Check for
DC=Qtit,DC=com
(Domain,Version 3)
......................... PRIMARYDC failed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\PRIMARYDC\netlogon
Verified share \\PRIMARYDC\sysvol
......................... PRIMARYDC passed test NetLogons
Starting test: ObjectsReplicated
PRIMARYDC is in domain DC=Qtit,DC=com
Checking for CN=PRIMARYDC,OU=Domain Controllers,DC=Qtit,DC=com in domain DC=Qtit,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=PRIMARYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com in domain CN=Configuration,DC=Qtit,DC=com on 1 servers
Object is up-to-date on all servers.
......................... PRIMARYDC passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=Qtit,DC=com
Latency information for 18 entries in the vector were ignored.
18 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=Qtit,DC=com
Latency information for 18 entries in the vector were ignored.
18 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=Qtit,DC=com
Latency information for 20 entries in the vector were ignored.
20 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=Qtit,DC=com
Latency information for 20 entries in the vector were ignored.
20 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=Qtit,DC=com
Latency information for 20 entries in the vector were ignored.
20 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... PRIMARYDC passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 14607 to 1073741823
* SecondAD.Qtit.com is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 14107 to 14606
* rIDPreviousAllocationPool is 14107 to 14606
* rIDNextRID: 14124
......................... PRIMARYDC passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... PRIMARYDC passed test Services
Starting test: SystemLog
* The System Event log test
A warning event occurred. EventID: 0x0000A001
Time Generated: 03/06/2014 16:04:05
Event String:
The Security System could not establish a secured connection with the server ldap/PRIMARYDC.Qtit.com/[email protected]. No authentication protocol was available.
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:06:35
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:11:36
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:16:38
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:21:39
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:26:41
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:30:46
Event String:
Driver TOSHIBA e-STUDIO16/20/25 PCL 6 required for printer TOSHIBA e-STUDIO16/20/25 PCL 6 is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:30:48
Event String:
Driver Microsoft XPS Document Writer v4 required for printer Microsoft XPS Document Writer is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:30:49
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:31:14
Event String:
Driver Send to Microsoft OneNote 15 Driver required for printer Send To OneNote 2013 is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:31:16
Event String:
Driver Microsoft XPS Document Writer v4 required for printer Microsoft XPS Document Writer is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x00000457
Time Generated: 03/06/2014 16:31:16
Event String:
Driver WebEx Document Loader required for printer WebEx Document Loader is unknown. Contact the administrator to install the driver before you log in again.
An error event occurred. EventID: 0x0000041F
Time Generated: 03/06/2014 16:31:42
Event String:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
......................... PRIMARYDC failed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=PRIMARYDC,OU=Domain Controllers,DC=Qtit,DC=com and backlink on
CN=PRIMARYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
are correct.
The system object reference (serverReferenceBL)
CN=PRIMARYDC,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=Qtit,DC=com
and backlink on
CN=NTDS Settings,CN=PRIMARYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Qtit,DC=com
are correct.
The system object reference (frsComputerReferenceBL)
CN=PRIMARYDC,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=Qtit,DC=com
and backlink on CN=PRIMARYDC,OU=Domain Controllers,DC=Qtit,DC=com are
correct.
......................... PRIMARYDC passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : Qtit
Starting test: CheckSDRefDom
......................... Qtit passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Qtit passed test CrossRefValidation
Running enterprise tests on : Qtit.com
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\PRIMARYDC.Qtit.com
Locator Flags: 0xe00031fc
PDC Name: \\SecondAD.Qtit.com
Locator Flags: 0xe00001bd
Time Server Name: \\PRIMARYDC.Qtit.com
Locator Flags: 0xe00031fc
Preferred Time Server Name: \\PRIMARYDC.Qtit.com
Locator Flags: 0xe00031fc
KDC Name: \\PRIMARYDC.Qtit.com
Locator Flags: 0xe00031fc
......................... Qtit.com passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... Qtit.com passed test Intersite
repadmin /showrepl Result
******************************8
==== INBOUND NEIGHBORS ===================================
DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 16:41:04 was successful.
CN=Configuration,DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 16:41:39 was successful.
CN=Schema,CN=Configuration,DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 15:53:01 was successful.
DC=DomainDnsZones,DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 16:27:31 was successful.
DC=ForestDnsZones,DC=Qtit,DC=com
Default-First-Site-Name\SECONDAD via RPC
DSA object GUID: c5ef6e17-77f0-43f6-8d39-5497c563f
Last attempt @ 2014-03-06 15:53:01 was successful.
I try to down the DC 2003 and access \\Qtit.com it success open the syslog on DC 2008
Any help or adviceHi,
Were there other error codes logged in Event Viewer?
Regarding Event ID 1055, the following article can be referred to for troubleshooting.
Event ID 1055 — Group Policy Preprocessing (Security)
http://technet.microsoft.com/en-us/library/cc727272(v=ws.10).aspx
Based on the report you posted, this issue may be related to FRS replication service. As a result, we can use ntfrsutl tool to check whether the replication service is healthy.
Regarding this point, the following articles can be referred to for more information.
Troubleshooting File Replication Service
http://technet.microsoft.com/en-us/library/bb727056.aspx
Ntfrsutl
http://technet.microsoft.com/en-us/library/hh875636.aspx
In addition, we can also try doing a non-authoritative Sysvol restore on Windows Server 2008 DC to see whether the issue persists.
Using the BurFlags registry key to reinitialize File Replication Service replica sets
http://support.microsoft.com/kb/290762/en-us
Hope it helps.
Best regards,
Frank Shen -
802.1x windows group policy
We have strange issue , some users disconnected and connected again within few seconds.
which result Cisco NAC agent started again to check posture status , but no logs on the switch that the ports were down also IP Phones connected between switch and PC.
we noticed that there is group policy pushed from Domain in the same time.
any one faced this issue (when apply group policy , the network card reset?)1- CP-7945
2- Windows 8.1.
3- WS-C3750X-24P.
4-
switchport mode access
switchport voice vlan x
ip arp inspection limit rate x
authentication event fail action next-method
authentication event server dead action reinitialize vlan x
authentication event server dead action authorize voice
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication timer reauthenticate server
mab
snmp trap mac-notification change added
snmp trap mac-notification change removed
dot1x pae authenticator
dot1x timeout tx-period 12
spanning-tree portfast
ip verify source -
SBL and Windows group policy user configuration preference
We would like to have user connects to VPN via SBL and then login to the AD domain. Ideally, the group policy user configuration preference, such as drive mapping, should be applied after successful AD login. However, we are running into issue where the preferences are not being applied. It appears the AnyConnect VPN tunnel is not completely established after the user login to AD; and hence the GPO preference was not able to apply. It takes about 1 min.after the user's AD login before the VPN tunnel is completely established.
Just want to find out if anyone is able to get SBL and AD GPO preference working successfully.Originally Posted by twiggy
Tbreeden - thanks for ur note, yes I am aware of the apply button - but u r right, it's not really noticeable unless u know to look for it
Rroncme - I am using 32bit. We don't have any vita machines but win7 is supposed to be supported. I've created other policies using win7 and the saved just fine/applied fine too. Thanks for ur thoughts, I appreciate it.
Any one else haven success w 32 bit win7 -building ie policy?
Well there is a TID 7005804 about IE policy failures but don't know if the bug applies to your situation...
Policy failures in Terminal Sessions on Windows Server 2003 and Windows Server 2008
Thomas -
Software Installation Processing Alerts - Group Policy Failures?
Hello,
I am getting several errors reported by SCOM Software Installation Processing alert
In the local event log I have:
Warning 9/15/2014 11:09:37 AM GroupPolicy 1112 None
Warning 9/15/2014 11:09:37 AM Application Management Group Policy 108 None
Error 9/15/2014 11:09:37 AM Application Management Group Policy 103 None
Warning 9/15/2014 11:09:37 AM Application Management Group Policy 101 None
with the details:
101 - The assignment of application SMS Client Setup Bootstrap from policy MITS Servers Software failed. The error was : %%1274
103 - The removal of the assignment of application SMS Client Setup Bootstrap from policy MITS Servers Software failed. The error was : %%2
108 - Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
1112 - The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
- Computer Configuration > Policies > Administrative Templates > System > Group Policy > Policy > Startup policy processing is enabled
what does exactly this means?
Thanks,
Dom
System Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 / Forefront Client Security / Forefront Identity ManagerHi,
Yes the packaged is installed.
Troubleshooting the issue deeper with http://support.microsoft.com/kb/249621/en-us is showing
Software installation extension has been called for background policy refresh
09-16 06:34:09:346
Software installation extension has been called for background policy refresh
The following policies are to be applied, flags are 11.
MITS Servers Software (unique identifier {E76FB561-E177-421D-AE43-109EADEAD751})
System volume path = \\ad.medctr.ucla.edu\sysvol\ad.medctr.ucla.edu\Policies\{E76FB561-E177-421D-AE43-109EADEAD751}\Machine
Active Directory path = LDAP://CN=Machine,cn={E76FB561-E177-421D-AE43-109EADEAD751},cn=policies,cn=system,DC=ad,DC=medctr,DC=ucla,DC=edu
Set the Active Directory path to LDAP://CN=Class Store,CN=Machine,cn={E76FB561-E177-421D-AE43-109EADEAD751},cn=policies,cn=system,DC=ad,DC=medctr,DC=ucla,DC=edu;.
Enumerating applications in the Active Directory for computer MSVROFAS2 with flags 5.
The following applications were found in policy MITS Servers Software.
Assigned application SMS Client Setup Bootstrap (flags a0044c70).
Found 1 applications in policy MITS Servers Software.
Enumerating the managed applications which are currently applied to this user.
No managed applications are currently applied to this user.
Found 0 applications locally that are not included in the set of applications from the Active Directory.
Application SMS Client Setup Bootstrap from policy MITS Servers Software is set for installation because it is assigned to this computer policy.
Software installation extension cannot perform removal or install operations during asynchronous policy refresh and will force a synchronous foreground refresh.
The assignment of application SMS Client Setup Bootstrap from policy MITS Servers Software failed. The error was : %1274
Removing application SMS Client Setup Bootstrap from the software installation database.
Calling Windows Installer to remove application advertisement for application SMS Client Setup Bootstrap from script C:\Windows\system32\appmgmt\MACHINE\{ecbf218d-0d04-4b00-a43e-91ba5c41d119}.aas.
Windows Installer cannot remove application advertisement for application SMS Client Setup Bootstrap from script C:\Windows\system32\appmgmt\MACHINE\{ecbf218d-0d04-4b00-a43e-91ba5c41d119}.aas, error 2.
The removal of the assignment of application SMS Client Setup Bootstrap from policy MITS Servers Software failed. The error was : %2
Policy Logging for Software Management is attempting to log application SMS Client Setup Bootstrap from policy MITS Servers Software.
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %1274
Software installation extension has detected changes that require a synchronous foreground policy refresh.
Software installation extension returning with final error code 1274.
And this is happening hourly !!!
This is the current status...
Thanks,
Dom
System Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 / Forefront Client Security / Forefront Identity Manager -
"Group Policy Registry" (CSE) is failing with EventID 7016
Hi,
I'm stuck at troubleshooting the group policy processing on a W2k8 R2 Terminal Server. On this machine the CSE Group Policy Registry Component is failing with ErrorCode 11. (I'm sorry but the editor does not allow me to insert xml yet)
I was not able to find any source in technet or msdn regarding Group Policy Registry ErrorCode 11 nor able to get any further debugging operable, that gives me more hands-on-details on this problem. Furthermore I was not able to determine the GPO causing
the CSE failing, neither with RSOP nor Eventlogs.... With the group policy modeling wizard i just get "GP Registry failed" listed in Component State Overview with the subtle message "An attempt was made to load a file with an incorrect format."
How can i get to the bottom of this?Hi,
As far as I know, Event ID 7016 can be caused by the fact that there is issue with the gpprefcl.dll build installed on the client machines.
To fix the issue, we can try applying the following hotfix to update the build of gpprefcl.dll.
Windows Vista, Windows Server 2008, Windows 7, or Windows Server 2008 R2 may stop responding at the Welcome screen after you enter the user credentials to log on to the computer
http://support.microsoft.com/kb/2526870/en-us
In addition, the following hotfix can also be worth taking a look.
Some Group Policy preferences are not applied successfully on computers that are running Windows Vista, Windows Server 2008, Windows 7 or Windows Server 2008 R2
http://support.microsoft.com/kb/979731/en-us
Hope it helps.
Best regards,
Frank Shen -
Group policy template for Novell Client for Windows 7
Does anyone know if there is a group policy template for the Novell Client for Windows 7? I find it really hard to believe that Novell has not yet released one, but I cannot find one anywhere. We use ZCM 11.2, and I really need to be able to send out settings for the client via a group policy.
By the way, I am also posting this on the Novell Client forum, but since this is also a ZCM thing, I am hoping I might get some feedback here.
Rick PTwo recent/new resources are available for the Novell Client 2 SP3 for Windows:
Cool Solutions AppNote: Novell Client 2 SP3 for Windows: Registry Settings
Novell Client 2 SP3 for Windows: Registry Settings | Novell User Communities
Cool Solutions Tool: Group Policy Administrative Template for Novell Client 2 SP3 for Windows
Group Policy Administrative Template for Novell Client 2 SP3 for Windows | Novell User Communities -
Windows Active directory group policy objects
Like many small to medium businesses, we use Firefox in addition to Internet Explorer. The Windows Active Directory group policy objects we have for IE works nicely in all versions of IE. Firefox on the other hand has stopped playing ball. Any policy files I have found on the Internet simply does not fire when used in Windows Group Policy. We have Windows 2008 R2 servers with Windows 7 clients.
Does Mozilla have official group policy objects that will work with Windows Active Directory group policy and is supported in Firefox versions 27 onwards? A lot of the material on the Internet are simply workarounds to achieve something simple.
I believe this may have been asked several times already, but no definitive answer has been supplied to
resolve the issue to my knowledge.
Thanks and regardsTo my knowledge, Firefox historically has not had integration with group policy, and third party tools have been required to bridge the gap. You may have found templates that work in one of those tools.
These threads have links to third party tools, articles, mailing lists, and other resources:
* [https://support.mozilla.org/questions/980567 i need to include the Firefox Browser Configuration in my Group Policy and Control Proxy and Browsing Settings]
* [https://support.mozilla.org/questions/978874 Is it possible to configure firefox using group policy]
Please report back if you find a solution. Thanks. -
I get a Group Policy Disk Quota failure at every system start
This is very long, my apologies
I asked this question about a month ago and then had some medical problems so I'm starting over again.
Whenever I start my system I get a message on the screen that the system is trying to run Group Policy for Disk Quotas. To my knowledge I've never set a disk quota policy and I can't find any indication that one is currently set. I freely admit
that I could be responsible for this. I might have done something in the early days of the system because it wasn't happening for the first month or two.
This time I did more reading and found a procedure on TechNet at:
"http://technet.microsoft.com/en-us/library/cc749336(WS.10).aspx" which led me step by step through the procedure, although I still can't make sense of the results.
So far I've verified that there are no policies set and that all the hard drives (3) have the Disk Quota bit 'disabled'. I did this as 'Administrator'.
The results from the TechNet procedure turned out to be quite long but I'm listing it here in hope that someone in the community will be familiar with this problem and be able to use the information to figure out the problem.
Here are the results:
From: TechNet Group Policy Testing
( "http://technet.microsoft.com/en-us/library/cc749336(WS.10).aspx" )
1 - Troubleshooting using the Group Policy operational log
a - Determine the instance of Group Policy processing
(Before you view the Group Policy operational log, you must first determine
the instance of Group Policy processing that failed.)
My ActivityID from the Group Policy operational log = C87E5BC2-FD21-4794-B678-787AB587D8D5
2 - Create a custom view, via a query, of the Group Policy instance
My resultant query:
<QueryList><Query Id="0" Path="Application"><Select Path="Microsoft-Windows-GroupPolicy/Operational">*[System/Correlation/@ActivityID='{C87E5BC2-FD21-4794-B678-787AB587D8D5}']</Select></Query></QueryList>
3 - Results of running the query from step 2 are listed below, in chronological order, including the complete 'detail' sections from each event.
event 4000
Event Description(s) = Computer startup
BEGIN DETAIL SECTION-----------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 4000
Version 1
Level 4
Task 0
Opcode 1
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:29:33.598400000Z
EventRecordID 22707
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
PolicyActivityId {C87E5BC2-FD21-4794-B678-787AB587D8D5}
PrincipalSamName WORKGROUP\GROK$
IsMachine 1
IsDomainJoined false
IsBackgroundProcessing false
IsAsyncProcessing false
IsServiceRestart false
ReasonForSyncProcessing 2
END DETAIL SECTION-------------------------------------------------------------------------------
event 5320
Event Description(s) = Checking for Group Policy client extensions that are not part of the system.
Event Description(s) = Service configuration update to standalone is not required and will be skipped.
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 5320
Version 0
Level 4
Task 0
Opcode 0
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:29:33.614000000Z
EventRecordID 22711
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
InfoDescription %%4161
END DETAIL SECTION-------------------------------------------------------------------------------
event 5313
Event Description(s) = The following Group Policy objects were not applicable because they were filtered out :
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 5313
Version 0
Level 4
Task 0
Opcode 0
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:29:33.614000000Z
EventRecordID 22710
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
DescriptionString None
GPOInfoList
END DETAIL SECTION-------------------------------------------------------------------------------
event 5311
Event Description(s) = The loopback policy processing mode is "No loopback mode".
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 5311
Version 0
Level 4
Task 0
Opcode 0
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:29:33.614000000Z
EventRecordID 22708
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
PolicyProcessingMode 0
END DETAIL SECTION-------------------------------------------------------------------------------
event 5312
Event Description(s) = List of applicable Group Policy objects:
Event Description(s) = Local Group Policy
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 5312
Version 0
Level 4
Task 0
Opcode 0
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:29:33.614000000Z
EventRecordID 22709
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
DescriptionString Local Group Policy
GPOInfoList <GPO ID="Local Group Policy"><Name>Local Group Policy</Name><Version>524296</Version><SOM>Local</SOM><FSPath>C:\Windows\System32\GroupPolicy\Machine</FSPath><Extensions>[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{D02B1F72-3407-48AE-BA88-E8213C6761F1}][{3610EDA5-77EF-11D2-8DC5-00C04FA31A66}{D02B1F72-3407-48AE-BA88-E8213C6761F1}][{F3CCC681-B74C-4060-9F26-CD84525DCA2A}{0F3F3735-573D-9804-99E4-AB2A69BA5FD4}]</Extensions></GPO>
END DETAIL SECTION-------------------------------------------------------------------------------
event 4016
Event Description(s) = Starting Microsoft Disk Quota Extension Processing.
Event Description(s) = List of applicable Group Policy objects: (Changes were detected.)
Event Description(s) = Local Group Policy
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 4016
Version 0
Level 4
Task 0
Opcode 1
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:29:33.614000000Z
EventRecordID 22714
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
CSEExtensionId {3610EDA5-77EF-11D2-8DC5-00C04FA31A66}
CSEExtensionName Microsoft Disk Quota
IsExtensionAsyncProcessing false
IsGPOListChanged true
GPOListStatusString %%4102
DescriptionString Local Group Policy
ApplicableGPOList <GPO ID="Local Group Policy"><Name>Local Group Policy</Name></GPO>
END DETAIL SECTION-------------------------------------------------------------------------------
event 5320
Event Description(s) = Finished checking for non-system extensions.
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 5320
Version 0
Level 4
Task 0
Opcode 0
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:29:33.614000000Z
EventRecordID 22713
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
InfoDescription %%4165
END DETAIL SECTION-------------------------------------------------------------------------------
event 4016
Event Description(s) = Starting Audit Policy Configuration Extension Processing.
Event Description(s) = List of applicable Group Policy objects: (No changes were detected.)
Event Description(s) = Local Group Policy
BEGIN DETAIL SECTION------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 4016
Version 0
Level 4
Task 0
Opcode 1
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:31:21.987200000Z
EventRecordID 22718
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
CSEExtensionId {F3CCC681-B74C-4060-9F26-CD84525DCA2A}
CSEExtensionName Audit Policy Configuration
IsExtensionAsyncProcessing true
IsGPOListChanged false
GPOListStatusString %%4101
DescriptionString Local Group Policy
ApplicableGPOList <GPO ID="Local Group Policy"><Name>Local Group Policy</Name></GPO>
END DETAIL SECTION-------------------------------------------------------------------------------
event 7016
Event Description(s) = Completed Microsoft Disk Quota Extension Processing in 108374 milliseconds.
BEGIN DETAIL SECTION-------------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 7016
Version 0
Level 2
Task 0
Opcode 2
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:31:21.987200000Z
EventRecordID 22717
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
CSEElaspedTimeInMilliSeconds 108374
ErrorCode 2147942402
CSEExtensionName Microsoft Disk Quota
CSEExtensionId {3610EDA5-77EF-11D2-8DC5-00C04FA31A66}
END DETAIL SECTION-----------------------------------------------------------------------------------------
event 5016
Event Description(s) = Completed Microsoft Disk Quota Extension Processing in 108374 milliseconds.
BEGIN DETAIL SECTION----------------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 5016
Version 0
Level 4
Task 0
Opcode 2
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:31:22.314800000Z
EventRecordID 22720
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
CSEElaspedTimeInMilliSeconds 312
ErrorCode 2147483658
CSEExtensionName Audit Policy Configuration
CSEExtensionId {F3CCC681-B74C-4060-9F26-CD84525DCA2A}
END DETAIL SECTION-----------------------------------------------------------------------------------------
Event 8000
Event Description(s) = Completed computer boot policy processing for WORKGROUP\GROK$ in 108 seconds.
BEGIN DETAIL SECTION----------------------------------------------------------------------------------------
- System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 8000
Version 1
Level 4
Task 0
Opcode 2
Keywords 0x4000000000000000
- TimeCreated
[ SystemTime] 2010-05-15T13:31:22.330400000Z
EventRecordID 22721
- Correlation
[ ActivityID] {C87E5BC2-FD21-4794-B678-787AB587D8D5}
- Execution
[ ProcessID] 1280
[ ThreadID] 1784
Channel Microsoft-Windows-GroupPolicy/Operational
Computer GROK
- Security
[ UserID] S-1-5-18
- EventData
PolicyElaspedTimeInSeconds 108
ErrorCode 0
PrincipalSamName WORKGROUP\GROK$
IsMachine 1
IsConnectivityFailure false
END DETAIL SECTION-----------------------------------------------------------------------------------------
End of results.
Thanks to all,
wegrok
Win7 Ultimate x64, 8 GB ram, AMD Phenom 9950 Quad-proc @2.6Ghz, HD = 1TB ASUS M4N72-E mobo, Video = NVIDIA GeForce 8800 GT w/ Dell 2407 Digital Monitor -------------------------------------------------------------------------------------------------------Did you ever have luck tracking this down? Im getting this error and have no clue where it is coming from. I have not enabled gp disk quotas, but I do have a network share on a domain member server that has quotas attached to each users folder.
I removed the quotas and still get this error when I manually perform a gpupdate. -
Group Policy error 1112 - Drive Maps
Hi everyone
We are getting hundreds of these alerts from SCOM every day from multiple 2008 R2 terminal servers:
Alert from Operations Manager 2007:
Alert description: The Group Policy Client Side Extension Group Policy Drive Maps was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish
completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
Looking on the Server itself in the System log I see these entries for every time a user logs onto the server (via RemoteApp)
Log Name: System
Source: Microsoft-Windows-GroupPolicy
Date: 15/03/2012 2:23:58 p.m.
Event ID: 1112
Task Category: None
Level: Warning
Keywords:
User: HOT\xxxxxx
Computer: HOTAKLRD01.hot.co.nz
Description:
The Group Policy Client Side Extension Group Policy Drive Maps was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the
next startup or logon for this user, and this may result in slow startup and boot performance.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" />
<EventID>1112</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>1</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2012-03-15T01:23:58.350306600Z" />
<EventRecordID>57243</EventRecordID>
<Correlation ActivityID="{651EFA61-7FA8-4444-9E68-81D0F82DEFE4}" />
<Execution ProcessID="900" ThreadID="22780" />
<Channel>System</Channel>
<Computer>HOTAKLRD01.hot.co.nz</Computer>
<Security UserID="S-1-5-21-1288906317-135625827-1544898942-500" />
</System>
<EventData>
<Data Name="SupportInfo1">1</Data>
<Data Name="SupportInfo2">3961</Data>
<Data Name="ProcessingMode">1</Data>
<Data Name="ProcessingTimeInMilliseconds">4656</Data>
<Data Name="ErrorCode">1274</Data>
<Data Name="ErrorDescription">The group policy framework should call the extension in the synchronous foreground policy refresh. </Data>
<Data Name="DCName">\\HOTAKL31.hot.co.nz</Data>
<Data Name="ExtensionName">Group Policy Drive Maps</Data>
<Data Name="ExtensionId">{5794DAFD-BE60-433f-88A2-1A31939AC01F}</Data>
</EventData>
</Event>
However it each case the user still gets their drive mapping!
I've this only occurs with Drive Map GP Preference -I've even taken a user out of all policies except for a new test drive map policy and they still get this error. I've applied the hotfix that should be the latest version of the GP dll's (KB2622802) but
the error remains. I've tried all options within the GPP for Drive Maps - Update, Replace etc,
Should I just override the OpsMgr alerts? It seems like this is a bug with 2008 server and GP Drive Map Preferences?
Any ideas would be appreciated
Thanks
Rik> *"Note: For servers, the startup and logon processing always behaves
> as if this policy setting is enabled."*
>
> **
>
> **
>
> **
>
> **
>
> **
>
I must admit that I never used Drive Maps on a Server (-: Maybe this is
a bug in the Drive Maps CSE... If it bothers: Set NoBackgroundPolicy
(REG_DWORD) to 1 in HKLM\Software\Microsoft\Windows
NT\CurrentVersion\WinLogon\GPExtensions\
{5794DAFD-BE60-433f-88A2-1A31939AC01F}. This will prevent the Drive Maps
CSE from being invoked during background GP updates.
sincerely, martin
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
Wenn meine Antwort hilfreich war, freue ich mich über eine Bewertung! If my answer was helpful, I'm glad about a rating! -
Event ID 1085 on DC - Failed to Apply the Group Policy Local Users and Groups Settings
I have a domain with 2 DCs. The primary DC is running Server 2012 and is raising Event ID 1085 every 10 minutes and 20 seconds.
Windows failed to apply the Group Policy Local Users and Groups settings. Group Policy Local Users and Groups settings might have its own log file. Please click on the "More information" link.
System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 1085
Version 0
Level 3
Task 0
Opcode 1
Keywords 0x8000000000000000
- TimeCreated
[ SystemTime] 2014-10-20T20:09:03.706992400Z
EventRecordID 130087
- Correlation
[ ActivityID] {FDDFB8C5-9ECF-41B9-B2B4-3AD0B345A37A}
- Execution
[ ProcessID] 1000
[ ThreadID] 3280
Channel System
Computer SERVER.DOMAIN.NAME
- Security
[ UserID] S-1-5-18
- EventData
SupportInfo1 1
SupportInfo2 4404
ProcessingMode 0
ProcessingTimeInMilliseconds 10343
ErrorCode 183
ErrorDescription Cannot create a file when that file already exists.
DCName \\SERVER.DOMAIN.name
ExtensionName Group Policy Local Users and Groups
ExtensionId {17D89FEC-5C44-4972-B12D-241CAEF74509}
Everything I look up for Event ID 1085 seems to be about a different cause.
Any ideas?I enabled tracing on a domain gpo and I still get the error when running gpupdate /force .
I'm also still getting Event 1085. Here's the trace file. I've anonymized the site/domain and the GUIDs.
2014-10-21 11:16:54.003 [pid=0x3e8,tid=0xcd0] Entering ProcessGroupPolicyExLocUsAndGroups()
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] SOFTWARE\Policies\Microsoft\Windows\Group Policy\{GUID-1}
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] BackgroundPriorityLevel ( 0 )
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] DisableRSoP ( 0 )
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] LogLevel ( 2 )
2014-10-21 11:16:54.018 [pid=0x3e8,tid=0xcd0] Command subsystem initialized. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] Background priority set to 0 (Idle).
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ----- Parameters
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] CSE GUID : {GUID-1}
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] Flags : ( X ) GPO_INFO_FLAG_MACHINE - Apply machine policy rather than user policy
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( X ) GPO_INFO_FLAG_BACKGROUND - Background refresh of policy (ok to do slow stuff)
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_SLOWLINK - Policy is being applied across a slow link
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_VERBOSE - Verbose output to the eventlog
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_NOCHANGES - No changes were detected to the Group Policy Objects
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_LINKTRANSITION - A change in link speed was detected between previous policy application and current policy application
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_LOGRSOP_TRANSITION - A change in RSoP logging was detected between the application of the previous policy and the application of the current policy.
2014-10-21 11:16:54.065 [pid=0x3e8,tid=0xcd0] ( X ) GPO_INFO_FLAG_FORCED_REFRESH - Forced Refresh is being applied. redo policies.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_SAFEMODE_BOOT - windows safe mode boot flag
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPO_INFO_FLAG_ASYNC_FOREGROUND - Asynchronous foreground refresh of policy
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Token (computer or user SID): S-1-5-18
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Abort Flag : Yes (0x313be090)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] HKey Root : Yes (0x80000002)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Deleted GPO List : No
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Changed GPO List : Yes
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Asynchronous Processing : Yes
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Status Callback : No (0x00000000)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] WMI namespace : Yes (0x32273740)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] RSoP Status : Yes (0x320cc7f4)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Planning Mode Site : (none)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Computer Target : No (0x00000000)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] User Target : No (0x00000000)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Calculated list relevance. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ----- Changed - 0
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Options : ( ) GPO_FLAG_DISABLE - This GPO is disabled.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPO_FLAG_FORCE - Do not override the settings in this GPO with settings in a subsequent GPO.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Options (raw) : 0x00000000
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] Version : 19267878 (0x01260126)
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPC : LDAP://CN=Machine,CN={GUID-2},CN=Policies,CN=System,DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPT : \\SITE.DOMAIN\sysvol\SITE.DOMAIN\Policies\{GUID-2}\Machine
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPO Display Name : Default Domain Policy
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPO Name : {GUID-2}
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] GPO Link : ( ) GPLinkUnknown - No link information is available.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPLinkMachine - The GPO is linked to a computer (local or remote).
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPLinkSite - The GPO is linked to a site.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( X ) GPLinkDomain - The GPO is linked to a domain.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GPLinkOrganizationalUnit - The GPO is linked to an organizational unit.
2014-10-21 11:16:54.081 [pid=0x3e8,tid=0xcd0] ( ) GP Link Error
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] lParam : 0x00000000
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Prev GPO : No
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Next GPO : Yes
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Extensions : [{00000000-0000-0000-0000-000000000000}{GUID-3}][{GUID-1}{GUID-3}][{GUID-4}{GUID-5}{GUID-6}{GUID-7}{GUID-8}][{GUID-9}{GUID-10}][{GUID-11}{GUID-5}{GUID-6}]
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] lParam2 : 0x3146f978
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Link : LDAP://DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Purge GPH : C:\ProgramData\Microsoft\Group Policy\History\{GUID-2}\Machine\Preferences\Groups\Groups.xml
2014-10-21 11:16:54.096 [pid=0x3e8,tid=0xcd0] Read GPE XML data file (592 bytes total).
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ----- Changed - 1
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Options : ( ) GPO_FLAG_DISABLE - This GPO is disabled.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPO_FLAG_FORCE - Do not override the settings in this GPO with settings in a subsequent GPO.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Options (raw) : 0x00000000
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Version : 1245203 (0x00130013)
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPC : LDAP://CN=Machine,CN={GUID-12},CN=Policies,CN=System,DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPT : \\SITE.DOMAIN\sysvol\SITE.DOMAIN\Policies\{GUID-12}\Machine
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPO Display Name : Default Domain Controllers Policy
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPO Name : {GUID-12}
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] GPO Link : ( ) GPLinkUnknown - No link information is available.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPLinkMachine - The GPO is linked to a computer (local or remote).
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPLinkSite - The GPO is linked to a site.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GPLinkDomain - The GPO is linked to a domain.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( X ) GPLinkOrganizationalUnit - The GPO is linked to an organizational unit.
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] ( ) GP Link Error
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] lParam : 0x00000000
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Prev GPO : Yes
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Next GPO : No
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Extensions : [{00000000-0000-0000-0000-000000000000}{GUID-3}][{GUID-1}{GUID-3}][{GUID-9}{GUID-10}]
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] lParam2 : 0x324e8198
2014-10-21 11:16:54.112 [pid=0x3e8,tid=0xcd0] Link : LDAP://OU=Domain Controllers,DC=SITE,DC=DOMAIN
2014-10-21 11:16:54.127 [pid=0x3e8,tid=0xcd0] Purge GPH : C:\ProgramData\Microsoft\Group Policy\History\{GUID-12}\Machine\Preferences\Groups\Groups.xml
2014-10-21 11:16:54.127 [pid=0x3e8,tid=0xcd0] Read GPE XML data file (592 bytes total).
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] Completed get next GPO. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] WQL : SELECT * FROM RSOP_PolmkrSetting WHERE polmkrBaseCseGuid = "{GUID-1}"
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] Purged 2 old RSoP entries.
2014-10-21 11:16:54.143 [pid=0x3e8,tid=0xcd0] Logging 2 new RSoP entries.
2014-10-21 11:16:54.159 [pid=0x3e8,tid=0xcd0] RSoP Entry 0
2014-10-21 11:16:54.174 [pid=0x3e8,tid=0xcd0] RSoP Entry 1
2014-10-21 11:16:54.174 [pid=0x3e8,tid=0xcd0] Completed get GPO list. [SUCCEEDED(S_FALSE)]
2014-10-21 11:16:54.174 [pid=0x3e8,tid=0xcd0] IsRsopPlanningMode() [SUCCEEDED(S_FALSE)]
2014-10-21 11:17:04.252 [pid=0x3e8,tid=0xcd0] Completed settings update (csePostProcess). [ hr = 0x800700b7 "Cannot create a file when that file already exists." ]
2014-10-21 11:17:04.252 [pid=0x3e8,tid=0xcd0] Completed CSE post-processing. [ hr = 0x800700b7 "Cannot create a file when that file already exists." ]
2014-10-21 11:17:04.267 [pid=0x3e8,tid=0xcd0] Leaving ProcessGroupPolicyExLocUsAndGroups() returned 0x000000b7 -
Group Policy - User Rights Assignments not taking effect on workstation`
Novell 5.1 SP7. ZenWorks 3.2 sp3. Windows XP Pro workstations.
In Group Policy, (Computer Configuration/Windows Settings/Security
Settings/Local Policies/User Rights Assignment), I have added Power Users to
the "Load and Unload device drivers" policy. However this setting is not
taking effect on my Windows XP workstations. My DLU policy for users is
configured to have the users members of the "Users" and "Power Users" groups
on the local PC.
Other parts of Group Policy (Computer Policy/Administrative Templates) are
taking effect on the workstation, so I'm wondering if the problem I am
having is related to Security Settings only.
I enabled Group Policy logging on the Windows XP workstation and include it
below:
WMHelperInitialization (Mar 4 2004) called! Flags: 0x8001002. Event:
0x1000. Impersonation: 0x2
Created Mutex.
Loaded userenv.dll
Mapped function RefreshPolicy
Mapped function RegisterGPNotification
Mapped function UnregisterGPNotification
Mapped function RefreshPolicyEx
Exiting WMHelperInitialization. Returning flags: 0x204
WMHelperSystemEntryEx called!
Entered GPCleanupEntry
Writing User Logged In to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x0 to User Logged In in key Software\Novell\Workstation
Manager\Group Policies
Reading Group Policy User Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Flags: 0x80000070 in key
Software\Novell\Workstation Manager\Group Policies
Reading Persist Workstation settings from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Reg key Software\Novell\Workstation Manager\Group Policies\Persist
Workstation settings not found. Assuming 0
Error 2 reading Persist Workstation settings
Entered RestoreOriginalGP.
Reading Group Policy Machine Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Reg key Software\Novell\Workstation Manager\Group Policies\Group Policy
Machine Flags not found. Assuming 0
Reading Group Policy User Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Flags: 0x80000070 in key
Software\Novell\Workstation Manager\Group Policies
Entered GPDel
Deleting C:\WINDOWS\System32\GroupPolicy\User
Deleting C:\WINDOWS\System32\GroupPolicy\Machine
Exiting GPDel 0
Restoring backup GP from C:\WINDOWS\System32\GroupPolicy.WMOriginal
Entered GPCopy(C:\WINDOWS\System32\GroupPolicy.WMOriginal,
C:\WINDOWS\System32\GroupPolicy, 0, handle, 0x80000070)
Warning: C:\WINDOWS\System32\GroupPolicy.WMOriginal\GPT.ini does not exist
Copied file
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Machine \Microsoft\Windows
NT\SecEdit\IPS1.dat to
C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\IPS1.dat
Copied file
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Machine \Microsoft\Windows
NT\SecEdit\XPSec.dat to
C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\XPSec.dat
GP_FLAG_APPLY_SECURITY_SETTINGS (0x40), not set, or security file already
copied. Will not copy security file
Exiting GPCopy 0x0
Writing Group Policy Machine Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x4000 to Group Policy Machine Status in key
Software\Novell\Workstation Manager\Group Policies
Exiting RestoreOriginalGP 0x0
Entered AppendSecuritySettings
Inf path: C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\XPSec.dat
Restoring GP settings
Loading Account Policies...
Loading Audit Policies...
Loading user rights...
Restoring security options...
No data
No data
No data
No data
No data
No data
No data
No data
Renamed Administrator account: Administrator
Local Administrator's user name = Administrator
Administrator account names match, skipping.
Renamed Guest account: Guest
Local Guest's user name = Guest
Guest account names match, skipping.
LoadXPSecuritySettings returning 0
LoadHive entered
LoadHive exit : 0
Exiting AppendSecuritySettings 0x0
GPCleanupEntry releasing mutex.
Exiting GPCleanupEntry: 0
Exiting WMHelperSystemEntryEx ccode: 0x0
Closing log file.
WMHelperInitialization (Mar 4 2004) called! Flags: 0x0. Event: 0x0.
Impersonation: 0x0
Created Mutex.
Loaded userenv.dll
Mapped function RefreshPolicy
Mapped function RegisterGPNotification
Mapped function UnregisterGPNotification
Mapped function RefreshPolicyEx
Exiting WMHelperInitialization. Returning flags: 0x11
Entering WMHelperInteractiveUserEntry!
szFullDN = CN=wintest3.OU=Users.OU=Newcastle.O=OSG
DN is Typed convert it to TYPELESS
g_szUserDN = wintest3.Users.Newcastle.OSG
GinaGetUsersSIDInTextualForm ENTERED
Textual SID : S-1-5-21-1214440339-507921405-1708537768-1019
GinaGetUsersSIDInTextualForm EXIT : 0
Writing Don't reparse to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x0 to Don't reparse in key Software\Novell\Workstation
Manager\Group Policies
Writing User Logged In to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x1 to User Logged In in key Software\Novell\Workstation
Manager\Group Policies
Entered CheckForObsoleteWksCache .
No workstation. Exiting CheckForObsoleteWksCache
Applying user policies
Reading Don't reparse from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value Don't reparse: 0x0 in key Software\Novell\Workstation
Manager\Group Policies
Reading Group Policy User Status from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Status: 0x3000 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Status: 0x3000
Entering ApplyPolicies
Reading Group Policy User Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Flags: 0x80000070 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Flags: 0x80000070
Reading Group Policy User Status from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Status: 0x3000 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Status: 0x3000
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x1000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Impersonating logged on user.
Context : OU=Users.OU=Newcastle.O=OSG
Full Object DN CN=wintest3.OU=Users.OU=Newcastle.O=OSG
Calling WMGetAllAssociatedObjects(FALSE, MARITIME, 1,
CN=wintest3.OU=Users.OU=Newcastle.O=OSG, WINNT Workstation Package,
zenwmGroupPolicy, 512, pBuffer)
Reverting to system impersonation.
Found DN CN=XP User Package:WinNT-2000-XP:Windows Group Policy.OU=Policy
Packages.OU=Newcastle.O=OSG
WMCheckIfGroupPolicyObjectsChanged entered
Impersonating logged on user.
Reverting to system impersonation.
Group Policy object has NOT changed!
Exiting WMCheckIfGroupPolicyObjectsChanged 0x0
Entered ScheduleCleanup.
Loaded wmschapi.dll
Calling WMScheduleAction
Finished Calling WMScheduleAction. Returned 0x0
Exiting ScheduleCleanup 0x0
Entered BackupOriginalGP.
No backup exists. Creating one: C:\WINDOWS\System32\GroupPolicy.WMOriginal
Backing up original GP to C:\WINDOWS\System32\GroupPolicy.WMOriginal
Copied file C:\WINDOWS\System32\GroupPolicy\Adm\admfiles.ini to
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Adm\adm files.ini
Copied file C:\WINDOWS\System32\GroupPolicy\Adm\conf.adm to
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Adm\con f.adm
Copied file C:\WINDOWS\System32\GroupPolicy\Adm\inetres.adm to
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Adm\ine tres.adm
Copied file C:\WINDOWS\System32\GroupPolicy\Adm\system.adm to
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Adm\sys tem.adm
Copied file C:\WINDOWS\System32\GroupPolicy\Adm\wmplayer.adm to
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Adm\wmp layer.adm
Copied file C:\WINDOWS\System32\GroupPolicy\Adm\wuau.adm to
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Adm\wua u.adm
Copied file C:\WINDOWS\System32\GroupPolicy\GPT.ini to
C:\WINDOWS\System32\GroupPolicy.WMOriginal\GPT.ini
Copied file C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\IPS1.dat to
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Machine \Microsoft\Windows
NT\SecEdit\IPS1.dat
Copied file C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\XPSec.dat to
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Machine \Microsoft\Windows
NT\SecEdit\XPSec.dat
Entered SaveSecuritySettings
Inf path:
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Machine \Microsoft\Windows
NT\SecEdit\
Saving XP security settings
Saving Account Policies...
Saving Audit Policies...
Saving user rights...
Name: Administrator
Comment: Built-in account for administering the computer/domain
Full Name:
No rights.
Name: Guest
Comment: Built-in account for guest access to the computer/domain
Full Name:
Right: SeInteractiveLogonRight
Right: SeDenyInteractiveLogonRight
Right: SeDenyNetworkLogonRight
Name: HelpAssistant
Comment: Account for Providing Remote Assistance
Full Name: Remote Desktop Help Assistant Account
No rights.
Name: SUPPORT_388945a0
Comment: This is a vendor's account for the Help and Support Service
Full Name: CN=Microsoft Corporation,L=Redmond,S=Washington,C=US
Right: SeBatchLogonRight
Right: SeDenyInteractiveLogonRight
Right: SeDenyNetworkLogonRight
Name: vector
Comment: Account created by Novell's Workstation Manager
Full Name:
No rights.
Name: wintest3
Comment: Account created by Novell's Workstation Manager
Full Name:
No rights.
Name: None
Comment: Ordinary users
No rights.
Name: Administrators
Right: SeSecurityPrivilege
Right: SeBackupPrivilege
Right: SeRestorePrivilege
Right: SeSystemtimePrivilege
Right: SeShutdownPrivilege
Right: SeRemoteShutdownPrivilege
Right: SeTakeOwnershipPrivilege
Right: SeDebugPrivilege
Right: SeSystemEnvironmentPrivilege
Right: SeSystemProfilePrivilege
Right: SeProfileSingleProcessPrivilege
Right: SeIncreaseBasePriorityPrivilege
Right: SeLoadDriverPrivilege
Right: SeCreatePagefilePrivilege
Right: SeIncreaseQuotaPrivilege
Right: SeChangeNotifyPrivilege
Right: SeUndockPrivilege
Right: SeManageVolumePrivilege
Right: SeImpersonatePrivilege
Right: SeCreateGlobalPrivilege
Right: SeInteractiveLogonRight
Right: SeNetworkLogonRight
Right: SeRemoteInteractiveLogonRight
Name: Users
Right: SeShutdownPrivilege
Right: SeChangeNotifyPrivilege
Right: SeUndockPrivilege
Right: SeInteractiveLogonRight
Right: SeNetworkLogonRight
Name: Guests
No rights.
Name: Power Users
Right: SeSystemtimePrivilege
Right: SeShutdownPrivilege
Right: SeProfileSingleProcessPrivilege
Right: SeChangeNotifyPrivilege
Right: SeUndockPrivilege
Right: SeInteractiveLogonRight
Right: SeNetworkLogonRight
Name: Account operators
No rights.
Name: System operators
No rights.
Name: Printer operators
No rights.
Name: Backup operators
Right: SeBackupPrivilege
Right: SeRestorePrivilege
Right: SeShutdownPrivilege
Right: SeChangeNotifyPrivilege
Right: SeInteractiveLogonRight
Right: SeNetworkLogonRight
Name: Replicators
No rights.
Name: RAS servers
No rights.
Name: Pre2000 compatible access
No rights.
Exiting SaveUserRights (0)
Saving Security Options
Found: MACHINE/Software/Microsoft/Driver Signing/Policy
Data type is 3
Found: MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Setup/RecoveryConsole/SecurityLevel
Data type is 4
Found: MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Setup/RecoveryConsole/SetCommand
Data type is 4
Found: MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Winlogon/AllocateCDRoms
Data type is 1
Found: MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Winlogon/AllocateDASD
Data type is 1
Found: MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Winlogon/AllocateFloppies
Data type is 1
Found: MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Winlogon/CachedLogonsCount
Data type is 1
Found: MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Winlogon/ForceUnlockLogon
Data type is 4
Found: MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Winlogon/PasswordExpiryWarning
Data type is 4
Found: MACHINE/Software/Microsoft/Windows
NT/CurrentVersion/Winlogon/ScRemoveOption
Data type is 1
Found:
MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DisableCAD
Data type is 4
Found:
MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLastUserName
Data type is 4
Found:
MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/LegalNoticeCaption
Data type is 1
Found:
MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/LegalNoticeText
Data type is 7
Found:
MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/ScForceOption
Data type is 4
Found:
MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/ShutdownWithoutLogon
Data type is 4
Found:
MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/UndockWithoutLogon
Data type is 4
Found: MACHINE/SOFTWARE/policies/Microsoft/windows
NT/DCOM/MachineAccessRestriction
Data type is 1
Found: MACHINE/SOFTWARE/policies/Microsoft/windows
NT/DCOM/MachineLaunchRestriction
Data type is 1
Found: MACHINE/System/CurrentControlSet/Control/Lsa/AuditBaseObjects
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/CrashOnAuditFail
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/DisableDomainCreds
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Control/Lsa/EveryoneIncludesAnonymous
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/FIPSAlgorithmPolicy
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/ForceGuest
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/FullPrivilegeAuditing
Data type is 3
Found: MACHINE/System/CurrentControlSet/Control/Lsa/LimitBlankPasswordUse
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/LmCompatibilityLevel
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/MSV1_0/NTLMMinClientSec
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/MSV1_0/NTLMMinServerSec
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/NoDefaultAdminOwner
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/NoLMHash
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/RestrictAnonymous
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/RestrictAnonymousSAM
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Lsa/SubmitControl
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Print/Providers/LanMan Print
Services/Servers/AddPrinterDrivers
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Control/SecurePipeServers/Winreg/AllowedPaths/Machine
Data type is 7
Found: MACHINE/System/CurrentControlSet/Control/Session
Manager/Kernel/ObCaseInsensitive
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Session Manager/Memory
Management/ClearPageFileAtShutdown
Data type is 4
Found: MACHINE/System/CurrentControlSet/Control/Session
Manager/ProtectionMode
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/AutoDisconnect
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/EnableForcedLogOff
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/EnableSecuritySignature
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/NullSessionPipes
Data type is 7
Found:
MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/NullSessionShares
Data type is 7
Found:
MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/RequireSecuritySignature
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/LanmanWorkstation/Parameters/EnablePlainTextPassword
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/LanmanWorkstation/Parameters/EnableSecuritySignature
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/LanmanWorkstation/Parameters/RequireSecuritySignature
Data type is 4
Found: MACHINE/System/CurrentControlSet/Services/LDAP/LDAPClientIntegrity
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/DisablePasswordChange
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/MaximumPasswordAge
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/RefusePasswordChange
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/RequireSignOrSeal
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/RequireStrongKey
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/SealSecureChannel
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/SignSecureChannel
Data type is 4
Found:
MACHINE/System/CurrentControlSet/Services/NTDS/Parameters/LDAPServerIntegrity
Data type is 4
Administrator's user name = Administrator
Guest's user name = Guest
SaveHive entered
SaveHive exit : 0
Exiting SaveSecuritySettings 0x0
Backup path: C:\WINDOWS\System32\GroupPolicy.WMOriginal
Exiting BackupOriginalGP 0x0
Entered RestoreCachedGP.
Reading Group Policy User Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Flags: 0x80000070 in key
Software\Novell\Workstation Manager\Group Policies
Reading Group Policy Machine Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Reg key Software\Novell\Workstation Manager\Group Policies\Group Policy
Machine Flags not found. Assuming 0
No gpt.ini detected, aborting RestoreCachedGP.
Checking whether OriginalGP exists
Entered GPDel
Deleting C:\WINDOWS\System32\GroupPolicy\User
Deleting C:\WINDOWS\System32\GroupPolicy\Machine
Exiting GPDel 0
Restoring original GP.
Entered RestoreOriginalGP.
Reading Group Policy Machine Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Reg key Software\Novell\Workstation Manager\Group Policies\Group Policy
Machine Flags not found. Assuming 0
Reading Group Policy User Flags from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Flags: 0x80000070 in key
Software\Novell\Workstation Manager\Group Policies
Entered GPDel
Deleting C:\WINDOWS\System32\GroupPolicy\User
Deleting C:\WINDOWS\System32\GroupPolicy\Machine
Exiting GPDel 0
Restoring backup GP from C:\WINDOWS\System32\GroupPolicy.WMOriginal
Entered GPCopy(C:\WINDOWS\System32\GroupPolicy.WMOriginal,
C:\WINDOWS\System32\GroupPolicy, 0, handle, 0x80000070)
Copied C:\WINDOWS\System32\GroupPolicy.WMOriginal\GPT.ini to
C:\WINDOWS\System32\GroupPolicy\GPT.ini
Copied file
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Machine \Microsoft\Windows
NT\SecEdit\IPS1.dat to
C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\IPS1.dat
Copied file
C:\WINDOWS\System32\GroupPolicy.WMOriginal\Machine \Microsoft\Windows
NT\SecEdit\XPSec.dat to
C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\XPSec.dat
GP_FLAG_APPLY_SECURITY_SETTINGS (0x40), not set, or security file already
copied. Will not copy security file
Exiting GPCopy 0x0
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x4000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Exiting RestoreOriginalGP 0x0
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x4000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Entered GPCopy(C:\WINDOWS\System32\GroupPolicy.UserCache,
C:\WINDOWS\System32\GroupPolicy, 0, handle, 0x80000070)
Copied C:\WINDOWS\System32\GroupPolicy.UserCache\GPT.ini to
C:\WINDOWS\System32\GroupPolicy\GPT.ini
Copied file
C:\WINDOWS\System32\GroupPolicy.UserCache\User\MIC ROSOFT\IEAK\install.ins to
C:\WINDOWS\System32\GroupPolicy\User\MICROSOFT\IEA K\install.ins
Copied file C:\WINDOWS\System32\GroupPolicy.UserCache\User\Reg istry.pol to
C:\WINDOWS\System32\GroupPolicy\User\Registry.pol
Copied file
C:\WINDOWS\System32\GroupPolicy.UserCache\Machine\ Microsoft\Windows
NT\SecEdit\IPS1.dat to
C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\IPS1.dat
Copied file
C:\WINDOWS\System32\GroupPolicy.UserCache\Machine\ Microsoft\Windows
NT\SecEdit\IPS2.dat to
C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\IPS2.dat
Copied file
C:\WINDOWS\System32\GroupPolicy.UserCache\Machine\ Microsoft\Windows
NT\SecEdit\IPS3.dat to
C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\IPS3.dat
Copied file
C:\WINDOWS\System32\GroupPolicy.UserCache\Machine\ Microsoft\Windows
NT\SecEdit\XPSec.dat to
C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\XPSec.dat
Copied file C:\WINDOWS\System32\GroupPolicy.UserCache\Machine\ Registry.pol
to C:\WINDOWS\System32\GroupPolicy\Machine\Registry.p ol
GP_FLAG_APPLY_SECURITY_SETTINGS (0x40), not set, or security file already
copied. Will not copy security file
Exiting GPCopy 0x0
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x3000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Entered MergeGptFile(C:\WINDOWS\System32\GroupPolicy.UserC ache, 0x80000070)
g_dwVersion: 0x0.
Reading GPT Version from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value GPT Version: 0x70007 in key Software\Novell\Workstation
Manager\Group Policies
Found machine extensions...
Found user extensions...
Exiting MergeGptFile 0x0
Reading user's user settings.
Entered AppendPolicy
C:\WINDOWS\System32\GroupPolicy.UserCache\User\Reg istry.pol
Entered parseRegFile
Val: 'BlockExeAttachments'
Added: Software\Microsoft\Outlook Express\BlockExeAttachments
Val: 'NoHTMLWallPaper'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \ActiveDesktop\NoHTMLWallPaper
Val: '**del.NoChangingWallPaper'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \ActiveDesktop, val:
NoChangingWallPaper
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \ActiveDesktop\**del.NoChangingWallPaper
Val: 'ForceClassicControlPanel'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\ForceClassicControlPanel
Val: 'NoSMMyPictures'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoSMMyPictures
Val: 'NoStartMenuMyMusic'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoStartMenuMyMusic
Val: 'NoDesktopCleanupWizard'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoDesktopCleanupWizard
Val: 'NoWelcomeScreen'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoWelcomeScreen
Val: 'NoActiveDesktop'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoActiveDesktop
Val: '**del.NoInternetIcon'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
NoInternetIcon
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.NoInternetIcon
Val: '**del.NoNetHood'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val: NoNetHood
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.NoNetHood
Val: 'NoAutoUpdate'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoAutoUpdate
Val: 'NoSMBalloonTip'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoSMBalloonTip
Val: 'NoSMConfigurePrograms'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoSMConfigurePrograms
Val: 'NoComputersNearMe'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoComputersNearMe
Val: 'MaxRecentDocs'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\MaxRecentDocs
Val: 'NoSharedDocuments'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoSharedDocuments
Val: '**del.NoStartMenuEjectPC'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
NoStartMenuEjectPC
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.NoStartMenuEjectPC
Val: 'NoActiveDesktopChanges'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\NoActiveDesktopChanges
Val: '**del.NoAddPrinter'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
NoAddPrinter
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.NoAddPrinter
Val: '**del.NoDeletePrinter'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
NoDeletePrinter
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.NoDeletePrinter
Val: '**del.NoToolbarsOnTaskbar'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
NoToolbarsOnTaskbar
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.NoToolbarsOnTaskbar
Val: '**del.NoSetTaskbar'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer, val:
NoSetTaskbar
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\**del.NoSetTaskbar
Val: 'ForceStartMenuLogOff'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Explorer\ForceStartMenuLogOff
Val: '{20D04FE0-3AEA-1069-A2D8-08002B30309D}'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
Val: '**del.{450D8FBA-AD25-11D0-98A8-0800361B1103}'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \NonEnum, val:
{450D8FBA-AD25-11D0-98A8-0800361B1103}
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \NonEnum\**del.{450D8FBA-AD25-11D0-98A8-0800361B1103}
Val: '**del.{645FF040-5081-101B-9F08-00AA002F954E}'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \NonEnum, val:
{645FF040-5081-101B-9F08-00AA002F954E}
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \NonEnum\**del.{645FF040-5081-101B-9F08-00AA002F954E}
Val: '**del.Wallpaper'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \System, val: Wallpaper
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \System\**del.Wallpaper
Val: '**del.WallpaperStyle'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \System, val:
WallpaperStyle
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \System\**del.WallpaperStyle
Val: 'NoDispScrSavPage'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \System\NoDispScrSavPage
Val: 'NoAddFromNetwork'
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\NoAddFromNetwork
Val: '**del.NoAddRemovePrograms'
Trying to delete key:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall, val:
NoAddRemovePrograms
Added:
Software\Microsoft\Windows\CurrentVersion\Policies \Uninstall\**del.NoAddRemovePrograms
Val: 'ListBox_Support_Allow'
Added: Software\Policies\Microsoft\Internet Explorer\New
Windows\ListBox_Support_Allow
Val: '*.fleetviewonline.com'
Added: Software\Policies\Microsoft\Internet Explorer\New
Windows\Allow\*.fleetviewonline.com
Val: '*.osg.com'
Added: Software\Policies\Microsoft\Internet Explorer\New
Windows\Allow\*.osg.com
Val: 'NoHelpItemTutorial'
Added: Software\Policies\Microsoft\Internet
Explorer\Restrictions\NoHelpItemTutorial
Val: 'NoHelpItemNetscapeHelp'
Added: Software\Policies\Microsoft\Internet
Explorer\Restrictions\NoHelpItemNetscapeHelp
Val: 'NoHelpItemSendFeedback'
Added: Software\Policies\Microsoft\Internet
Explorer\Restrictions\NoHelpItemSendFeedback
Val: 'PreventAutoRun'
Added: Software\Policies\Microsoft\Messenger\Client\Preve ntAutoRun
Val: ''
Added: Software\Policies\Microsoft\SystemCertificates\Tru st\Certificates\
Val: ''
Added: Software\Policies\Microsoft\SystemCertificates\Tru st\CRLs\
Val: ''
Added: Software\Policies\Microsoft\SystemCertificates\Tru st\CTLs\
Val: 'ScreenSaverIsSecure'
Added: Software\Policies\Microsoft\Windows\Control
Panel\Desktop\ScreenSaverIsSecure
Val: 'ScreenSaveActive'
Added: Software\Policies\Microsoft\Windows\Control
Panel\Desktop\ScreenSaveActive
Val: 'ScreenSaveTimeOut'
Added: Software\Policies\Microsoft\Windows\Control
Panel\Desktop\ScreenSaveTimeOut
Val: 'SCRNSAVE.EXE'
Added: Software\Policies\Microsoft\Windows\Control
Panel\Desktop\SCRNSAVE.EXE
Val: 'ListBox_Support_ZoneMapKey'
Added: Software\Policies\Microsoft\Windows\CurrentVersion \Internet
Settings\ListBox_Support_ZoneMapKey
Val: '*.osg.com'
Added: Software\Policies\Microsoft\Windows\CurrentVersion \Internet
Settings\ZoneMapKey\*.osg.com
Val: 'osgintranet'
Added: Software\Policies\Microsoft\Windows\CurrentVersion \Internet
Settings\ZoneMapKey\osgintranet
Val: '1A00'
Added: Software\Policies\Microsoft\Windows\CurrentVersion \Internet
Settings\Zones\1\1A00
Val: '1809'
Added: Software\Policies\Microsoft\Windows\CurrentVersion \Internet
Settings\Zones\1\1809
Val: '1803'
Added: Software\Policies\Microsoft\Windows\CurrentVersion \Internet
Settings\Zones\1\1803
Val: 'DontPromptForWindowsUpdate'
Added:
Software\Policies\Microsoft\Windows\DriverSearchin g\DontPromptForWindowsUpdate
Val: 'NC_RenameLanConnection'
Added: Software\Policies\Microsoft\Windows\Network
Connections\NC_RenameLanConnection
Val: 'PromptPasswordOnResume'
Added:
Software\Policies\Microsoft\Windows\System\Power\P romptPasswordOnResume
Val: 'NoAUAsDefaultShutdownOption'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\NoAUAsDefaultShutdownOption
Val: 'NoAUShutdownOption'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\NoAUShutdownOption
Val: 'BehaviorOnFailedVerify'
Added: Software\Policies\Microsoft\Windows NT\Driver
Signing\BehaviorOnFailedVerify
Val: 'MovieMaker'
Added: Software\Policies\Microsoft\WindowsMovieMaker\Movi eMaker
Exiting parseRegFile
Exiting AppendPolicy
C:\WINDOWS\System32\GroupPolicy.UserCache\User\Reg istry.pol 0x0
Reading user's computer settings.
Entered AppendPolicy
C:\WINDOWS\System32\GroupPolicy.UserCache\Machine\ Registry.pol
Entered parseRegFile
Val: 'NoUpdateCheck'
Added: Software\Policies\Microsoft\Internet
Explorer\Infodelivery\Restrictions\NoUpdateCheck
Val: 'NoSplash'
Added: Software\Policies\Microsoft\Internet
Explorer\Infodelivery\Restrictions\NoSplash
Val: 'PreventAutoRun'
Added: Software\Policies\Microsoft\Messenger\Client\Preve ntAutoRun
Val: 'NV PrimaryDnsSuffix'
Added: Software\Policies\Microsoft\System\DNSClient\NV PrimaryDnsSuffix
Val: ''
Added: Software\Policies\Microsoft\Windows\Safer\
Val: 'WUServer'
Added: Software\Policies\Microsoft\Windows\WindowsUpdate\ WUServer
Val: 'WUStatusServer'
Added: Software\Policies\Microsoft\Windows\WindowsUpdate\ WUStatusServer
Val: 'NoAutoRebootWithLoggedOnUsers'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\NoAutoRebootWithLoggedOnUsers
Val: 'AutoInstallMinorUpdates'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\AutoInstallMinorUpdates
Val: 'DetectionFrequencyEnabled'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\DetectionFrequencyEnabled
Val: 'DetectionFrequency'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\DetectionFrequency
Val: 'UseWUServer'
Added: Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\UseWUServer
Val: 'RescheduleWaitTimeEnabled'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\RescheduleWaitTimeEnabled
Val: 'RescheduleWaitTime'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\RescheduleWaitTime
Val: 'NoAutoUpdate'
Added: Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\NoAutoUpdate
Val: 'AUOptions'
Added: Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\AUOptions
Val: 'ScheduledInstallDay'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\ScheduledInstallDay
Val: 'ScheduledInstallTime'
Added:
Software\Policies\Microsoft\Windows\WindowsUpdate\ AU\ScheduledInstallTime
Val: 'RegistrationOverwritesInConflict'
Added: Software\Policies\Microsoft\Windows
NT\DNSClient\RegistrationOverwritesInConflict
Val: 'SearchList'
Added: Software\Policies\Microsoft\Windows NT\DNSClient\SearchList
Val: 'PreventIISInstall'
Added: Software\Policies\Microsoft\Windows NT\IIS\PreventIISInstall
Val: 'SecurityCenterInDomain'
Added: Software\Policies\Microsoft\Windows NT\Security
Center\SecurityCenterInDomain
Exiting parseRegFile
Exiting AppendPolicy
C:\WINDOWS\System32\GroupPolicy.UserCache\Machine\ Registry.pol 0x0
Entered GenerateGptFile(C:\WINDOWS\System32\GroupPolicy)
g_dwVersion: 0x70007.
Writing GPT Version to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x70007 to GPT Version in key Software\Novell\Workstation
Manager\Group Policies
Exiting GenerateGptFile 0x0
Exiting RestoreCachedGP 0x0
Writing Group Policy User Status to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x3000 to Group Policy User Status in key
Software\Novell\Workstation Manager\Group Policies
Bumping GPT version...
Entered SetGptVersion(0x0, TRUE).
Reading GPT Version from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value GPT Version: 0x70007 in key Software\Novell\Workstation
Manager\Group Policies
Read file C:\WINDOWS\System32\GroupPolicy\GPT.ini
Found version 0x70007 in gpt.ini
Using version: 0x70007
Saving GPT version: 0x80008
Writing GPT Version to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x80008 to GPT Version in key Software\Novell\Workstation
Manager\Group Policies
Exiting SetGptVersion 0x0.
Entered AppendSecuritySettings
Inf path: C:\WINDOWS\System32\GroupPolicy\Machine\Microsoft\ Windows
NT\SecEdit\XPSec.dat
Restoring GP settings
Loading Account Policies...
Loading Audit Policies...
Loading user rights...
Restoring security options...
No data
No data
No data
No data
No data
No data
No data
No data
No data for Administrator account name.
LoadXPSecuritySettings returning 0
LoadHive entered
LoadHive exit : 0
Exiting AppendSecuritySettings 0x0
Signalling OS to refresh policies
RegQueryValueEx returned 2
Policies are set to apply asynchronously
Policies will be processed asynchronously
Entered SetGptVersion(0x0, TRUE).
Reading GPT Version from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value GPT Version: 0x80008 in key Software\Novell\Workstation
Manager\Group Policies
Read file C:\WINDOWS\System32\GroupPolicy\GPT.ini
Found version 0x80008 in gpt.ini
Using version: 0x80008
Saving GPT version: 0x90009
Writing GPT Version to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x90009 to GPT Version in key Software\Novell\Workstation
Manager\Group Policies
Exiting SetGptVersion 0x0.
Entering RunGPUpdate
Exiting RunGPUpdate 0
Exiting ApplyPolicies 0x0
Writing Last Run Time High to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x1c58076 to Last Run Time High in key
Software\Novell\Workstation Manager\Group Policies
Writing Last Run Time Low to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x34349ce0 to Last Run Time Low in key
Software\Novell\Workstation Manager\Group Policies
Apply user policies releasing mutex.
Exiting WMHelperInteractiveUserEntry ccode: 0x0
Closing log file.
WMHelperInitialization (Mar 4 2004) called! Flags: 0x2001. Event: 0x2000.
Impersonation: 0x1
Opened Mutex.
Loaded userenv.dll
Mapped function RefreshPolicy
Mapped function RegisterGPNotification
Mapped function UnregisterGPNotification
Mapped function RefreshPolicyEx
Exiting WMHelperInitialization. Returning flags: 0x11
Entering WMHelperInteractiveUserEntry!
szFullDN = CN=wintest3.OU=Users.OU=Newcastle.O=OSG
DN is Typed convert it to TYPELESS
g_szUserDN = wintest3.Users.Newcastle.OSG
GinaGetUsersSIDInTextualForm ENTERED
Textual SID : S-1-5-21-1214440339-507921405-1708537768-1019
GinaGetUsersSIDInTextualForm EXIT : 0
Writing Don't reparse to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x0 to Don't reparse in key Software\Novell\Workstation
Manager\Group Policies
Current time high: 0x1c58076
Reading Last Run Time High from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Last Run Time High: 0x1c58076 in key
Software\Novell\Workstation Manager\Group Policies
Previous time high: 0x1c58076
Writing Don't reparse to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x1 to Don't reparse in key Software\Novell\Workstation
Manager\Group Policies
Writing User Logged In to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x1 to User Logged In in key Software\Novell\Workstation
Manager\Group Policies
Entered CheckForObsoleteWksCache
CN=LT_VECTOR.OU=Workstations.OU=Newcastle.O=OSG.
Full Object DN
CN=LT_VECTOR.OU=Workstations.OU=Newcastle.O=OSG.OU =Users.OU=Newcastle.O=OSG
Calling WMGetAllAssociatedObjects(FALSE, MARITIME, 1,
CN=LT_VECTOR.OU=Workstations.OU=Newcastle.O=OSG.OU =Users.OU=Newcastle.O=OSG,
WINNT Workstation Package, zenwmGroupPolicy, 512, pBuffer)
WMGetAllAssociatedObject returned 2
No associated workstation policies. Deleting
C:\WINDOWS\System32\GroupPolicy.WksCache.
DeleteGPRegVal: Error 0x2 deleting Group Policy Machine Flags
Exiting CheckForObsoleteWksCache 2
Applying user policies
Reading Don't reparse from \HKLM\Software\Novell\Workstation Manager\Group
Policies
Read reg. value Don't reparse: 0x1 in key Software\Novell\Workstation
Manager\Group Policies
Reading Group Policy User Status from \HKLM\Software\Novell\Workstation
Manager\Group Policies
Read reg. value Group Policy User Status: 0x3000 in key
Software\Novell\Workstation Manager\Group Policies
Read reg. key Group Policy User Status: 0x3000
Policy applied at predesktop. Skipping reapplication at user login.
Writing Don't reparse to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x0 to Don't reparse in key Software\Novell\Workstation
Manager\Group Policies
Writing Last Run Time High to \HKLM\Software\Novell\Workstation
Manager\Group Policies
Wrote reg. value 0x1c58076 to Last Run Time High in key
Software\Novell\Workstation Manager\Group Policies
Writing Last Run Time Low to \HKLM\Software\Novell\Workstation Manager\Group
Policies
Wrote reg. value 0x38844da0 to Last Run Time Low in key
Software\Novell\Workstation Manager\Group Policies
Apply user policies releasing mutex.
Exiting WMHelperInteractiveUserEntry ccode: 0x0
Closing log file.
Thanks in advance
AliDUPLICATE
Answered in
novell.support.zenworks.desktops.3x.workstation-manager
Regards
Rolf Lidvall
Swedish Radio (Ltd)
NSC SysOp -
We have a laptop user who was experiencing slow logons in a remote office. (Remote office has 100 users, only 1 is reporting the issue). Helpdesk swapped computers to give the user brand new hardware. The new laptop worked
fine while in the IT department in the main office, the user returned to their desk in their remote office after replacing the laptop and logged in and experienced the same slow logon issues as the older laptop.
Logons take up to 45 mins to process. (Login script hangs and does not process). During the process, you can check IPConfig and it received the proper DNS settings. you can ping the authenticating server by name. We have scanning
on our local copiers setup to scan to the users desktop, and this errors out. DNS on the AD controller shows the proper IP address for the machine and you can ping the machine by name.
System Event log is loaded with errors:
Event ID 5719 - Netlogon, computer not able to setup a secure session with a domain controller in the domain
Event ID 1129 - Group Policy, processing of Group Policy failed because of lack of network connectivity
Event ID 129 - Time Service, NTP Client was unable to set a domain peer to use as a time source
Event ID 5783 - NetLogon, The session setup to the WIndows NT or 2000 domain controller (xxx) for the domain is not responsive. RPC call cancelled. (NOTE - you can ping this domain controller by name and by IP with no issues)
Event ID 130 - Time-Service, NTP client unable to set a domain peer
All these seem to point to RPC errors timing out because they cannot communicate to the network resources. The problem happens on wired or wireless connections. We had the user move to a different network connection (one we know is working for
another user) the problem persists. The problem was on the original computer and continues to happen even after replacing the hardware with a brand new laptop.
I have tried running the following hotfix. Which does not resolve the issue:
http://support2.microsoft.com/kb/2459530 which technically this shouldn't be an issue because we use DHCP off the 2003 AD domain controller.
I have checked the domain controller, AD Replication is processing with no issues. DNS is working. The local DHCP server has no issues or events related to this account and neither does the local DNS server or the authenticating server (which
is in another remote office).
Hi,
As we know, most of the time error event 5719 is caused by network connectivity issues or name resolution issue, I suggest you refer to this link to make a further analysis
http://blogs.technet.com/b/instan/archive/2008/09/18/netlogon-5719-and-the-disappearing-domain.aspx
And this link:
Root Causes for Slow Boots and Logons
http://social.technet.microsoft.com/wiki/contents/articles/10130.root-causes-for-slow-boots-and-logons-sbsl.aspx
Yolanda Zhu
TechNet Community Support -
Group policy - 'install pending - reboot required'
I have deployed software using GPO - Computer Configuration - Assigned software. This has worked with flying colors for most computers on our domain - all running Windows 7 x86. Only a select few computers have failed to get this software installed.
When I checked RSOP.msc, I get a message that the install is pending and awaiting reboot. These machines have rebooted many times and yet the same message appears on RSOP and the software has yet to actually install.
Where is it getting hung up? Is there some sort of install cache that I can clear on the PC so GPO will try to send the install from scratch?
We have tried several things to try to isolate variables:
Tried gpupdate /force - I am prompted to reboot, and when I do so the software does not install
Checked GP Result - shows that this software install policy was "applied" to the computer, yet it isn't installed
Checked RSOP.msc, I get a message that the install is pending and awaiting reboot - reboots do not resolve this
Added permissions for "everyone" at the distribution point NTFS and share (I doubt it's permissions anyway since installs were successful on most computers before we added more permissions)
Tried adding a Computer Configuration/Administrative Templates/System/Group Policy/Startup policy processing wait time - 20 seconds (I tried this after reading this forum question -
http://social.technet.microsoft.com/Forums/en-US/winserverGP/thread/2a2175bf-132f-46c2-bc5a-4c67932141e2/)
Furthermore, every test I try to manufacture grabs the GPO and installs the software with success. The only machines that fail are machines that aren't easy for me to access as people are using them during the workday.
I have grabbed the event viewer information for a failing PC "WOLF", these events show every time after logon as well:
Warning 1/11/2012 2:40:25 PM Application Management Group Policy 101 None
Log Name: System
Source: Application Management Group Policy
Date: 1/11/2012 2:40:25 PM
Event ID: 101
Task Category: None
Level: Warning
Keywords: Classic
User: SYSTEM
Computer: WOLF.domain.local
Description:
The assignment of application TeamViewer 6 (MSI Wrapper) from policy TeamViewer 6 MSI PDX failed. The error was : %%1274
Error 1/11/2012 2:40:25 PM Application Management Group Policy 103 None
Log Name: System
Source: Application Management Group Policy
Date: 1/11/2012 2:40:25 PM
Event ID: 103
Task Category: None
Level: Error
Keywords: Classic
User: SYSTEM
Computer: WOLF.domain.local
Description:
The removal of the assignment of application TeamViewer 6 (MSI Wrapper) from policy TeamViewer 6 MSI PDX failed. The error was : %%2
Warning 1/11/2012 2:40:25 PM Application Management Group Policy 108 None
Log Name: System
Source: Application Management Group Policy
Date: 1/11/2012 2:40:25 PM
Event ID: 108
Task Category: None
Level: Warning
Keywords: Classic
User: SYSTEM
Computer: WOLF.domain.local
Description:
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was :
%%1274
Warning 1/11/2012 2:40:25 PM GroupPolicy 1112 None
Log Name: System
Source: Microsoft-Windows-GroupPolicy
Date: 1/11/2012 2:40:25 PM
Event ID: 1112
Task Category: None
Level: Warning
Keywords:
User: SYSTEM
Computer: WOLF.domain.local
Description:
The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the
next startup or logon for this user, and this may result in slow startup and boot performance.
Any help would be appreciated!
Thanks,
Elizabeth> TeamViewer 6 MSI PDX failed. The error was : %%1274
Not really an error - more an information. Results from a "gpupdate" and
means "reboot now, please".
> from policy TeamViewer 6 MSI PDX failed. The error was : %%2
File not found. That's odd... May need further investigation.
> before the user logon. The error was : %%1274
See above - reboot required.
You may activate appmgmt debug logging and then post the resulting log
file: In HKLM\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics,
set AppmgmtDebugLevel (REG_DWORD) to 0x9b and examine
%windir%\debug\usermode\appmgmt.log after the next reboot.
If no other solution, you may try to cleanup the appmgmt history key so
that all SW deployment GPOs will be processed again: Rename
HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy\AppMgmt and
recreate empty.
sincerely, Martin
A bissle "Experience", a bissle GMV... Wenn meine Antwort hilfreich war, freue ich mich über eine Bewertung! If my answer was helpful, I'm glad about a rating!
Maybe you are looking for
-
Problem with Serial numbers after upgrade
Hello, I updated an existing installation from BO2007 SP01 PL05 to BO2007 SP01 PL09 After the update in the form Serial Number Selection it's impossible to find any serial number, the cursor move to the right row but I get the message "Serial Number
-
im having a problem with sending mail whilst in my yahoo account. i can view but CANNOT send in 3G mode but strangely I CAN send in wi-fi mode. motorola state there is a known fault with yahoo servers. can anyone shed any light on how to cure ???
-
Problem Starting SAP with Oracle
Dear Experts, Our production system rebooted due to some electricity issue and since then we are not able to start SAP. We are on oracle 10g and AIX OS. We have done all the options but no avail. Following is screen output when I run command : "start
-
Pinging ip's with oracle developer 10g
db and dev 10g rel2 , hi all, i want to ping some ip's through a form built with oracle developer 10g rel2 , - i have two choices here , -there is an application can ping a lot of ip's automatically , it has options to load a file in which ip's are s
-
Use of a secured proxy with SOAP
Hi all, I have a java client that tries to connect to our SOAP server through a proxy. I have no problem with normal proxies but I do however when it's a secured proxy (with authentication). I have tried several solutions: 1- The use of the system pr