Sign in

Microsoft.com

United States (English)

Brasil (Português)Česká republika (Čeština)Deutschland (Deutsch)España (Español)France (Français)Italia (Italiano)Россия (Русский)대한민국 (한국어)中华人民共和国 (中文)台灣 (中文)日本 (日本語)香港特别行政區 (中文)

Forefront Client Security TechCenter

Troubleshooting

Forefront Client Security TechCenter > Forefront Client Security Forums > Forefront Client Security - General > No Forefront Policies can be deployed

No Forefront Policies can be deployed

Wednesday, October 28, 2009 10:50 PMDonia Strand

0
Sign In to Vote
I made a change to a Forefront policy today, right clicked and pressed deploy, and get this message:
The policy cannot be deployed

Further details:
Exception has been thrown by the target of an invocation.
Exception has been thrown by the target of an invocation.
Exception has been thrown by the target of an invocation.
Error HRESULT E_FAIL has been returned from a call to a COM component

I cannot make a change and deploy any policies or create any new ones and deploy those either.
Forefront is at SP1, SQL is 2005 SP3 with latest updates.

I rebooted and got this message when I try to deploy:
The policy cannot be deployed

Further details:
Unable to open existing group policy object
The specified domain either does not exist or could not be contacted. (Exception from HRESULT: 0x8007054B

I can reach any of our domain controllers from the forefront server with dsa.msc
I can ping them
I verified our PDC emulator health
I checked that the netlogon service running from both the dc and the forefront server.
There are no error messages concerning this in the event logs

Is this a bug?
- Reply
- Quote

Answers

Thursday, October 29, 2009 3:05 PMDonia Strand

0
Sign In to Vote
I just tried some new policies and changed some old ones and was able to deploy this morning--so all is well.
- Marked As Answer byDonia Strand Thursday, October 29, 2009 3:05 PM
- Reply
- Quote

All Replies

Thursday, October 29, 2009 4:40 AMNick Gu - MSFTMSFT, Moderator

0
Sign In to Vote
Hi,

Thank you for your post.

Based on my research, this issue may caused by the policy in the AD was corrupt or had invalid data. So FCS could not get an exclusive handle to the policy for deployment or un-deployment. Please take a backup of the GPO using the GPMC, and deleted the GPO using the GPMC. Then redeployed the policy through the FCS console.

Regards,
Nick Gu - MSFT
- Reply
- Quote
Thursday, October 29, 2009 1:20 PMDonia Strand

0
Sign In to Vote

Thank you Nick, but as originally said:

"I cannot make a change and deploy any policies or create any new ones and deploy those either."

I can't create new ones, so it could not be a corrupt policy--any other ideas?

Thanks!

Donia
- Reply
- Quote
Thursday, October 29, 2009 3:05 PMDonia Strand

0
Sign In to Vote
I just tried some new policies and changed some old ones and was able to deploy this morning--so all is well.
- Marked As Answer byDonia Strand Thursday, October 29, 2009 3:05 PM
- Reply
- Quote

Need Help with Forums? (FAQ)