none
The processing of Group Policy failed. Windows attempted to read the file...

    Question

  • Hello all-

    I am currently trying to configure group policy (specifically folder redirects) from a new Windows Server 2008 in my home... the server acts as both an AD DS and file server for 4 client computers, all running Windows Vista Ultimate.

    Here are the steps I am currently taking:

    1. I create a new Group Policy called All Users and Computers and apply it to the All Users and Computers OU, which contains exactly what it says (all users and computers in the domain).
    2. I verify that a new folder was created in \\<FQDN>\sysvol\<FQDN>\Policies.  The new folder created is named {6479C8E0-3134-4B4F-B047-7ADD51684684}
    3. I change the GPO Enforced setting to Enforced.
    4. I attempt to use the gpupdate command to see if the group policy can be updated successfully.  In a command prompt, I type gpupdate <enter>.  I receive the message 'Updating Policy...' then after about 15 seconds the message 'User Policy update has completed successfully.'
    5. I keep the cmd window open.  After about 10 seconds another message apperas which says "Computer policy could not be updated successfully.  The following errors were encountered: The processing of Group Policy failed.  Windows attempted to read the file \\<FQDN>\sysvol\<FQDN>\Policies\{6AC1786C-016F-11D2-945F-00C04Fb984F9}\gpt.ini from a domain controller and was not successful.  Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:

      a) Name Resolution/Network Connectivity to the current domain controller.
      b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
      c) The Distributed File System (DFS) client has been disabled.

      To diagnose the failure, review the event log or invoke gpmc.msc to access information about Group Policy results."
    6. I confirm that the error code is #3 using the Event Log, "The system cannot find the file specificed"

     

    Of course the system cannot find the file specified because the folder does not exist in the sysvol folder. I am wondering why Windows is trying to read from this location when it does not exist, and is not the new group policy I created!  I have no other group policies linked or enforced to any other OU/Domain/etc.  Any help resolving this issue would be greatly appreciated.
    Tuesday, July 07, 2009 3:16 AM

Answers

  • Just an update: I have resolved the issue.  I tracked it down to the Default DC Policy, which while not enforced was link enabled.  Something happened to the policy to make it missing, and when I unlinked it the issue went away... gp now updates successfully for both users and machines.

    Thanks everyone for the help.
    • Marked as answer by ack210 Wednesday, July 08, 2009 4:13 AM
    Wednesday, July 08, 2009 4:13 AM

All replies

  • Hello,
    Please post a complete ipconfig /all from both Dc and Vista PC
    Isaac Oben MCITP:EA, MCSE
    Tuesday, July 07, 2009 3:34 AM
  • Hello,
    Please post a complete ipconfig /all from both Dc and Vista PC
    Isaac Oben MCITP:EA, MCSE


    Hi, and thanks for the reply.  Here's the ipconfig from the DC:


    C:\Users\Administrator>ipconfig /all

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : KELLERDCFS
       Primary Dns Suffix  . . . . . . . : keller-pa.net
       Node Type . . . . . . . . . . . . : Unknown
       IP Routing Enabled. . . . . . . . : Yes
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : keller-pa.net
                                           hsd1.pa.comcast.net.

    Ethernet adapter Local Area Connection 2:

       Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
       Description . . . . . . . . . . . : NETGEAR FA311v2 PCI Adapter
       Physical Address. . . . . . . . . : 00-1E-2A-C9-4A-1C
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::b8b1:d34:1df9:73bd%12(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Monday, July 06, 2009 10:38:09 PM
       Lease Expires . . . . . . . . . . : Tuesday, July 07, 2009 10:38:08 PM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DNS Servers . . . . . . . . . . . : 68.87.64.150
                                           68.87.75.198
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
       Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
       Physical Address. . . . . . . . . : 00-22-19-31-88-9B
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::4467:4f1f:917b:a5d1%11(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Monday, July 06, 2009 10:38:09 PM
       Lease Expires . . . . . . . . . . : Tuesday, July 07, 2009 10:38:08 PM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DNS Servers . . . . . . . . . . . : ::1
                                           68.87.64.150
                                           68.87.75.198
       NetBIOS over Tcpip. . . . . . . . : Disabled

    PPP adapter RAS (Dial In) Interface:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : RAS (Dial In) Interface
       Physical Address. . . . . . . . . :
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 192.168.1.150(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.255
       Default Gateway . . . . . . . . . :
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Local Area Connection* 8:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
       Description . . . . . . . . . . . : isatap.hsd1.pa.comcast.net.
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 9:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 02-00-54-55-4E-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 11:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    C:\Users\Administrator>




    And from a Windows Vista PC on the domain:

    Microsoft Windows [Version 6.0.6001]
    Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

    C:\Users\Andrew>ipconfig /all

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : UPSTAIRSNTBK
       Primary Dns Suffix  . . . . . . . : keller-pa.net
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : keller-pa.net
                                           hsd1.pa.comcast.net.

    Ethernet adapter Bluetooth Network Connection:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
       Physical Address. . . . . . . . . : 00-21-4F-FC-2F-4E
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wireless Network Connection:

       Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
       Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
       Physical Address. . . . . . . . . : 00-22-FB-59-08-E2
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::ac9f:7ebd:12aa:a7d%13(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Monday, July 06, 2009 9:42:42 PM
       Lease Expires . . . . . . . . . . : Tuesday, July 07, 2009 9:42:41 PM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DNS Servers . . . . . . . . . . . : 192.168.1.100
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Local Area Connection:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : itm.sel.sony.com
       Description . . . . . . . . . . . : Marvell Yukon 88E8055 PCI-E Gigabit Ether
    net Controller
       Physical Address. . . . . . . . . : 00-1D-BA-ED-F8-8B
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 6:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : isatap.itm.sel.sony.com
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 7:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : 6TO4 Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 11:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
       Description . . . . . . . . . . . : isatap.hsd1.pa.comcast.net.
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 13:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : isatap.{DAF90108-6D8C-4CBE-BC79-6FF79EBE6
    CF3}
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 14:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 02-00-54-55-4E-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    C:\Users\Andrew>


    Tuesday, July 07, 2009 3:44 AM
  • Hello,

    Ok, certain things you will need to correct.

    1-You are running multi-homed DC, that is with two NICs..If you donot need the second NIC, I suggest you disable that.Because now you have two IPs which are conflicting.

    2-Disable IPV6 on the DC..To do this go to LAN properties and uncheck the IPv6 box.

    3-your Vista and your DC are all getting DNS from seprate sources, which I think it is the main issue here. Solution is to install Microsoft Active Directory Integrated DNS on the KELLERDCFS DC, the add the 68.87.64.150 and 68.87.75.198 (I am assuming are from ISP) as forwarders in the MS DNS after installation
    4-Point the PRI DNS for both the KELLERDCFS and the VISTA to the 192.168.1.103 (Which I assumed is the IP for KELLERDCFS after you install DNS)

    Do all this and post let us know if issue is resolved.

    ***
    Or if you don't want to install MS DNS on the server, then just disable one NIC, disable IPV6 and make the vista and DC point to same DNS server


    Isaac Oben MCITP:EA, MCSE
    Tuesday, July 07, 2009 4:21 AM
  • Hello,

    Ok, certain things you will need to correct.

    1-You are running multi-homed DC, that is with two NICs..If you donot need the second NIC, I suggest you disable that.Because now you have two IPs which are conflicting.

    2-Disable IPV6 on the DC..To do this go to LAN properties and uncheck the IPv6 box.

    3-your Vista and your DC are all getting DNS from seprate sources, which I think it is the main issue here. Solution is to install Microsoft Active Directory Integrated DNS on the KELLERDCFS DC, the add the 68.87.64.150 and 68.87.75.198 (I am assuming are from ISP) as forwarders in the MS DNS after installation
    4-Point the PRI DNS for both the KELLERDCFS and the VISTA to the 192.168.1.103 (Which I assumed is the IP for KELLERDCFS after you install DNS)

    Do all this and post let us know if issue is resolved.

    ***
    Or if you don't want to install MS DNS on the server, then just disable one NIC, disable IPV6 and make the vista and DC point to same DNS server


    Isaac Oben MCITP:EA, MCSE


    Hi, and thanks for the help.  I disabled the second NIC on the DC, and also pointed the DC to 192.168.1.100 (itself) as the DNS.  192.168.1.100 is actually the address of the DC, the 192.168.1.103 was to the NIC that was not in use.

    As you advised, I also disabled IPv6 on the DC.  I already have the DNS server installed on the DC, and when I went to add the Forwarders I noted they are already there (as you guessed, they are the DNS servers of our ISP).

    Unfortunately when I tried to run gpupdate, I received the same error again.

    I'm new to all this and am using this server as a learning experience so sorry if I am making any stupid mistakes!


    Here is the new ip configs from the DC and vista client.



    DC:

    X:\>ipconfig /all

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : KELLERDCFS
       Primary Dns Suffix  . . . . . . . : keller-pa.net
       Node Type . . . . . . . . . . . . : Unknown
       IP Routing Enabled. . . . . . . . : Yes
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : keller-pa.net
                                           hsd1.pa.comcast.net.

    Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
       Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
       Physical Address. . . . . . . . . : 00-22-19-31-88-9B
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Monday, July 06, 2009 10:38:09 PM
       Lease Expires . . . . . . . . . . : Wednesday, July 08, 2009 12:36:31 AM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DNS Servers . . . . . . . . . . . : 192.168.1.100
       NetBIOS over Tcpip. . . . . . . . : Disabled

    PPP adapter RAS (Dial In) Interface:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : RAS (Dial In) Interface
       Physical Address. . . . . . . . . :
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 192.168.1.150(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.255
       Default Gateway . . . . . . . . . :
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Local Area Connection* 8:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
       Description . . . . . . . . . . . : isatap.hsd1.pa.comcast.net.
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 9:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 02-00-54-55-4E-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 11:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    X:\>



    Vista PC:


    C:\Users\Andrew>ipconfig /all

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : UPSTAIRSNTBK
       Primary Dns Suffix  . . . . . . . : keller-pa.net
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : keller-pa.net
                                           hsd1.pa.comcast.net.

    Ethernet adapter Bluetooth Network Connection:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
       Physical Address. . . . . . . . . : 00-21-4F-FC-2F-4E
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wireless Network Connection:

       Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
       Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
       Physical Address. . . . . . . . . : 00-22-FB-59-08-E2
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::ac9f:7ebd:12aa:a7d%13(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Monday, July 06, 2009 11:55:18 PM
       Lease Expires . . . . . . . . . . : Tuesday, July 07, 2009 11:55:18 PM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DNS Servers . . . . . . . . . . . : 192.168.1.100
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Local Area Connection:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : itm.sel.sony.com
       Description . . . . . . . . . . . : Marvell Yukon 88E8055 PCI-E Gigabit Ether
    net Controller
       Physical Address. . . . . . . . . : 00-1D-BA-ED-F8-8B
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 6:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : isatap.itm.sel.sony.com
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 7:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : 6TO4 Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 11:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
       Description . . . . . . . . . . . : isatap.hsd1.pa.comcast.net.
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 13:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : isatap.{DAF90108-6D8C-4CBE-BC79-6FF79EBE6
    CF3}
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 14:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 02-00-54-55-4E-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    C:\Users\Andrew>



    Thanks again for your assistance.

    Tuesday, July 07, 2009 4:49 AM
  • Hello,

    Forgot to mention that as well...Disable IPV6 on the Vista as well.

    I see you also have RAS with an IP of .150.

    On the DC,please go to command prompt do a dcdiag /v and post to the forum. If there are errors, you should do a netdiag /fix

    fromt the vista, if you nslookup the DC what ip do you get?
    Isaac Oben MCITP:EA, MCSE
    Tuesday, July 07, 2009 5:46 AM
  • Hello,

    in addition to Isaacs information, do NOT use DHCP on the DC, a server especially Domain controller should always have fixed ip address. Additional it should not run RRAS, for that use a member server instead.

    Also i suggest to not use the router for DHCP, use the server(also more functionality) and let the router do its basic job, routing.

    Where is the hsd1.pa.comcast.net as DNS search suffix coming from(i assume the router because of its DHCP)? Use only the internal domain name.

    See this article to remove IPv6 if not used on a DC complete:
    http://blogs.dirteam.com/blogs/paulbergson/archive/2009/03/19/disabling-ipv6-on-windows-2008.aspx
    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
    Tuesday, July 07, 2009 9:23 AM
  • Hello all and thanks for the help.  First a few things:

    I understand that the DC should not be running RRAS, but this a simple server being used in aa home environment by 4 users and getting another server just for RRAS would be overkill.

    Secondly, I currently have it so that while the router is handling DHCP, I have reserved a fixed IP for the server, so it always has 192.168.1.100.  If I were to use the server as the DHCP, what would my hardware configuration have to look like?  I currently have the router plugged into the ISP modem, and then server plugged into the router.  All other clients connect to the router wirelessly.


    Here's the dcdiag output.  I tried dcdiag /fix but to no avail.
    Directory Server Diagnosis
    
    
    Performing initial setup:
    
       Trying to find home server...
    
       * Verifying that the local machine KELLERDCFS, is a Directory Server. 
       Home Server = KELLERDCFS
    
       * Connecting to directory service on server KELLERDCFS.
    
       * Identified AD Forest. 
       Collecting AD specific global data 
       * Collecting site info.
    
       Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=keller-pa,DC=net,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
       The previous call succeeded 
       Iterating through the sites 
       Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net
       Getting ISTG and options for the site
       * Identifying all servers.
    
       Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=keller-pa,DC=net,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
       The previous call succeeded....
       The previous call succeeded
       Iterating through the list of servers 
       Getting information for the server CN=NTDS Settings,CN=KELLERDCFS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net 
       objectGuid obtained
       InvocationID obtained
       dnsHostname obtained
       site info obtained
       All the info for the server collected
       * Identifying all NC cross-refs.
    
       * Found 1 DC(s). Testing 1 of them.
    
       Done gathering initial info.
    
    
    Doing initial required tests
    
       
       Testing server: Default-First-Site-Name\KELLERDCFS
    
          Starting test: Connectivity
    
             * Active Directory LDAP Services Check
             Determining IP4 connectivity 
             Determining IP6 connectivity 
             * Active Directory RPC Services Check
             ......................... KELLERDCFS passed test Connectivity
    
    
    
    Doing primary tests
    
       
       Testing server: Default-First-Site-Name\KELLERDCFS
    
          Starting test: Advertising
    
             The DC KELLERDCFS is advertising itself as a DC and having a DS.
             The DC KELLERDCFS is advertising as an LDAP server
             The DC KELLERDCFS is advertising as having a writeable directory
             The DC KELLERDCFS is advertising as a Key Distribution Center
             The DC KELLERDCFS is advertising as a time server
             The DS KELLERDCFS is advertising as a GC.
             ......................... KELLERDCFS passed test Advertising
    
          Test omitted by user request: CheckSecurityError
    
          Test omitted by user request: CutoffServers
    
          Starting test: FrsEvent
    
             * The File Replication Service Event log test 
             Skip the test because the event log File Replication Service does not exist.
             ......................... KELLERDCFS passed test FrsEvent
    
          Starting test: DFSREvent
    
             The DFS Replication Event Log. 
             ......................... KELLERDCFS passed test DFSREvent
    
          Starting test: SysVolCheck
    
             * The File Replication Service SYSVOL ready test 
             File Replication Service's SYSVOL is ready 
             ......................... KELLERDCFS passed test SysVolCheck
    
          Starting test: KccEvent
    
             * The KCC Event log test
             Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
             ......................... KELLERDCFS passed test KccEvent
    
          Starting test: KnowsOfRoleHolders
    
             Role Schema Owner = CN=NTDS Settings,CN=KELLERDCFS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net
             Role Domain Owner = CN=NTDS Settings,CN=KELLERDCFS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net
             Role PDC Owner = CN=NTDS Settings,CN=KELLERDCFS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net
             Role Rid Owner = CN=NTDS Settings,CN=KELLERDCFS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net
             Role Infrastructure Update Owner = CN=NTDS Settings,CN=KELLERDCFS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net
             ......................... KELLERDCFS passed test KnowsOfRoleHolders
    
          Starting test: MachineAccount
    
             Checking machine account for DC KELLERDCFS on DC KELLERDCFS.
             * SPN found :LDAP/KELLERDCFS.keller-pa.net/keller-pa.net
             * SPN found :LDAP/KELLERDCFS.keller-pa.net
             * SPN found :LDAP/KELLERDCFS
             * SPN found :LDAP/KELLERDCFS.keller-pa.net/KELLER-PA
             * SPN found :LDAP/42268b36-801f-4a6d-b162-34f3b01e04bb._msdcs.keller-pa.net
             * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/42268b36-801f-4a6d-b162-34f3b01e04bb/keller-pa.net
             * SPN found :HOST/KELLERDCFS.keller-pa.net/keller-pa.net
             * SPN found :HOST/KELLERDCFS.keller-pa.net
             * SPN found :HOST/KELLERDCFS
             * SPN found :HOST/KELLERDCFS.keller-pa.net/KELLER-PA
             * SPN found :GC/KELLERDCFS.keller-pa.net/keller-pa.net
             ......................... KELLERDCFS passed test MachineAccount
    
          Starting test: NCSecDesc
    
             * Security Permissions check for all NC's on DC KELLERDCFS.
             * Security Permissions Check for
    
               DC=ForestDnsZones,DC=keller-pa,DC=net
                (NDNC,Version 3)
             * Security Permissions Check for
    
               DC=DomainDnsZones,DC=keller-pa,DC=net
                (NDNC,Version 3)
             * Security Permissions Check for
    
               CN=Schema,CN=Configuration,DC=keller-pa,DC=net
                (Schema,Version 3)
             * Security Permissions Check for
    
               CN=Configuration,DC=keller-pa,DC=net
                (Configuration,Version 3)
             * Security Permissions Check for
    
               DC=keller-pa,DC=net
                (Domain,Version 3)
             ......................... KELLERDCFS passed test NCSecDesc
    
          Starting test: NetLogons
    
             * Network Logons Privileges Check
             Verified share \\KELLERDCFS\netlogon
             Verified share \\KELLERDCFS\sysvol
             ......................... KELLERDCFS passed test NetLogons
    
          Starting test: ObjectsReplicated
    
             KELLERDCFS is in domain DC=keller-pa,DC=net
             Checking for CN=KELLERDCFS,OU=Domain Controllers,DC=keller-pa,DC=net in domain DC=keller-pa,DC=net on 1 servers
                Object is up-to-date on all servers.
             Checking for CN=NTDS Settings,CN=KELLERDCFS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net in domain CN=Configuration,DC=keller-pa,DC=net on 1 servers
                Object is up-to-date on all servers.
             ......................... KELLERDCFS passed test ObjectsReplicated
    
          Test omitted by user request: OutboundSecureChannels
    
          Starting test: Replications
    
             * Replications Check
             * Replication Latency Check
             ......................... KELLERDCFS passed test Replications
    
          Starting test: RidManager
    
             * Available RID Pool for the Domain is 1600 to 1073741823
             * KELLERDCFS.keller-pa.net is the RID Master
             * DsBind with RID Master was successful
             * rIDAllocationPool is 1100 to 1599
             * rIDPreviousAllocationPool is 1100 to 1599
             * rIDNextRID: 1111
             ......................... KELLERDCFS passed test RidManager
    
          Starting test: Services
    
             * Checking Service: EventSystem
             * Checking Service: RpcSs
             * Checking Service: NTDS
             * Checking Service: DnsCache
             * Checking Service: DFSR
             * Checking Service: IsmServ
             * Checking Service: kdc
             * Checking Service: SamSs
             * Checking Service: LanmanServer
             * Checking Service: LanmanWorkstation
             * Checking Service: w32time
             * Checking Service: NETLOGON
             ......................... KELLERDCFS passed test Services
    
          Starting test: SystemLog
    
             * The System Event log test
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   17:53:59
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   17:59:02
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   18:04:04
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   18:09:06
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   18:14:08
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   18:19:10
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   18:24:12
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   18:29:15
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   18:34:17
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   18:39:19
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             An Error Event occurred.  EventID: 0x00000422
    
                Time Generated: 07/07/2009   18:49:23
    
                Event String:
    
                The processing of Group Policy failed. Windows attempted to read the file \\keller-pa.net\sysvol\keller-pa.net\Policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    
                a) Name Resolution/Network Connectivity to the current domain controller. 
    
                b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    
                c) The Distributed File System (DFS) client has been disabled.
    
             ......................... KELLERDCFS failed test SystemLog
    
          Test omitted by user request: Topology
    
          Test omitted by user request: VerifyEnterpriseReferences
    
          Starting test: VerifyReferences
    
             The system object reference (serverReference)
    
             CN=KELLERDCFS,OU=Domain Controllers,DC=keller-pa,DC=net and backlink
    
             on
    
             CN=KELLERDCFS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net
    
             are correct. 
             The system object reference (serverReferenceBL)
    
             CN=KELLERDCFS,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=keller-pa,DC=net
    
             and backlink on
    
             CN=NTDS Settings,CN=KELLERDCFS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=keller-pa,DC=net
    
             are correct. 
             ......................... KELLERDCFS passed test VerifyReferences
    
          Test omitted by user request: VerifyReplicas
    
       
          Test omitted by user request: DNS
    
          Test omitted by user request: DNS
    
       
       Running partition tests on : ForestDnsZones
    
          Starting test: CheckSDRefDom
    
             ......................... ForestDnsZones passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... ForestDnsZones passed test
    
             CrossRefValidation
    
       
       Running partition tests on : DomainDnsZones
    
          Starting test: CheckSDRefDom
    
             ......................... DomainDnsZones passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... DomainDnsZones passed test
    
             CrossRefValidation
    
       
       Running partition tests on : Schema
    
          Starting test: CheckSDRefDom
    
             ......................... Schema passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... Schema passed test CrossRefValidation
    
       
       Running partition tests on : Configuration
    
          Starting test: CheckSDRefDom
    
             ......................... Configuration passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... Configuration passed test CrossRefValidation
    
       
       Running partition tests on : keller-pa
    
          Starting test: CheckSDRefDom
    
             ......................... keller-pa passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... keller-pa passed test CrossRefValidation
    
       
       Running enterprise tests on : keller-pa.net
    
          Test omitted by user request: DNS
    
          Test omitted by user request: DNS
    
          Starting test: LocatorCheck
    
             GC Name: \\KELLERDCFS.keller-pa.net
    
             Locator Flags: 0xe00013fd
             PDC Name: \\KELLERDCFS.keller-pa.net
             Locator Flags: 0xe00013fd
             Time Server Name: \\KELLERDCFS.keller-pa.net
             Locator Flags: 0xe00013fd
             Preferred Time Server Name: \\KELLERDCFS.keller-pa.net
             Locator Flags: 0xe00013fd
             KDC Name: \\KELLERDCFS.keller-pa.net
             Locator Flags: 0xe00013fd
             ......................... keller-pa.net passed test LocatorCheck
    
          Starting test: Intersite
    
             Skipping site Default-First-Site-Name, this site is outside the scope
    
             provided by the command line arguments provided. 
             ......................... keller-pa.net passed test Intersite
    
    

    Here's the nslookup from Vista client:

    Microsoft Windows [Version 6.0.6001]
    Copyright (c) 2006 Microsoft Corporation.  All rights reserved.
    
    C:\Users\Andrew>nslookup KELLERDCFS
    Server:  UnKnown
    Address:  192.168.1.100
    
    Name:    KELLERDCFS.keller-pa.net
    Addresses:  192.168.1.150
              192.168.1.100
    
    
    C:\Users\Andrew>
    


    Thanks again!
    Tuesday, July 07, 2009 11:00 PM
  • Just an update: I have resolved the issue.  I tracked it down to the Default DC Policy, which while not enforced was link enabled.  Something happened to the policy to make it missing, and when I unlinked it the issue went away... gp now updates successfully for both users and machines.

    Thanks everyone for the help.
    • Marked as answer by ack210 Wednesday, July 08, 2009 4:13 AM
    Wednesday, July 08, 2009 4:13 AM
  • Hi , trying to resolve the same problem. "The processing of Group Policy failed. Windows attempted to read the file [path here]/gpt.ini" 

    Looks like absolutely the same as yours .  What do you mean: "when I unlinked it the issue went away

    What exactly you did to fix it??



     

    Saturday, March 27, 2010 3:09 AM
  • I had the same issue. GPO just not applying.

    tracked down to ACLs on the folder referenced at the top of this post -

    \\<FQDN>\sysvol\<FQDN>\Policies\{6AC1786C-016F-11D2-945F-00C04Fb984F9 folder

     

    solution below worked for me:

    MS  KB290647

    http://support.microsoft.com/kb/290647/

    hth

    Tuesday, August 10, 2010 9:47 AM
  • I ran in to the same problem on my DC. We were having major issues ranging from our DHCP server not doling out IPs to RDP sessions taking upwards of 10 minutes to connect. After messing with policy settings and all of the other suggestions in this post, I eventually found the TCP/IP NetBIOS Helper was not running. Once I started the service, everything went back to normal.

    Hope this helps...

    Tuesday, August 24, 2010 2:23 PM
  • i had same problem.

    this is due to NETLOGON folder replication issue. AD users & groups replication going well.

    i resovled this issue by modify registry entry.

    HKLM --> System --> CurrentControlSet --> Services --> ntfrs --> Parameters --> Backup/Restore --> Process at Startup --> BurFlags --> changed value as "D2" (Non-Authrotive Restore).

    then restarted "File replication services" service.

    this may be due to inproper shutdown


    kesav
    • Proposed as answer by Adam_Smith_au Wednesday, May 02, 2012 1:06 PM
    Monday, September 19, 2011 9:26 AM
  • did you able to resolve this issue?

    Please share you experience how you did.

    I am also facing the same and not able to resolve.

    Please help!


    Regards, Arun, I didn't belongs to any organization,all the opinions expressed here, are my own experience. This posting is provided AS with no warranties or guarantees.

    Tuesday, June 04, 2013 8:04 AM