none
Event 1058 - Group Policy - gpupdate issue

    Question

  • Hi,

    I'm new to server configurations, So i have no experience on this. That's why i raised this question.

    I have below problems with my server.

    1. I cannot save remote desktop credentials in client computers. Each time i'm accessing to server i have to enter password even if i put the tick on the check box to save credentials. 

    2. I cannot create multiple remote desktop connections to the server.

    So I did some search on internet and change some settings in GPEDIT.MSC to solve above both issues. But When i'm trying to update my Group Policy(using CMD gpupdate) i got following error in Event Viewer. (Our server is running Windows Server 2012 R2 Standard Edition.)

    -------------------------------------------------------------------------------------------------------------------------------------------------

    The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 
    a) Name Resolution/Network Connectivity to the current domain controller. 
    b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). 
    c) The Distributed File System (DFS) client has been disabled.

    --------------------------------------------------------------------------------------------------------------------------------------------------
    3. I cannot access the above file path (gpt.ini) as it doesn't exist. (I can go only go to this far "\\eagle.int\sysvol\eagle.int" and there is no such a folder called Policies)

    4. I have migrated this server from windows server 2000 last December 2014. I got many errors during operation but somehow the domain is now functioning. (But i did force removal eariler domain controler as it cannot demote using normal procedure. And now its not using and all the data has been erased) Is that the reason that the gpupdate giving a such an error? Please help. I'm desperately looking for solution for this.



    Thanks,
    Ishan


    Tuesday, January 13, 2015 2:56 PM

All replies

  • Hi,

    How many domain controllers are still left in your organization? How did you migrate from Windows 2000? The message you get is that sysvol which is the group policy and netlogon share are not accesible or not existing anymore on the DC the client is connecting. Was there any FSMO role in place on the DC you force removed? 

    Can you issue dcdiag /a and repadmin /showrepl from a domain controller cmd prompt and show the results? This way we can get a better view of your environment.

    Regards,

    Calin 

    Tuesday, January 13, 2015 3:11 PM
  • Hi Calin,

    1. There is only one DC left in our organization. I used some tutorials over the internet. (Raised forest functioning levels on old DC & migrate it to new DC etc..) I'm not remember the procedure now.

    2. At the time i was force removing the old DC there wasn't a FSMO role in that DC.

    Here are the results, 

    dcdiag /a


    Directory Server Diagnosis


    Performing initial setup:

       Trying to find home server...

       Home Server = EAGLEDC10

       * Identified AD Forest. 
       Done gathering initial info.


    Doing initial required tests

       
       Testing server: Default-First-Site-Name\EAGLEDC10

          Starting test: Connectivity

             ......................... EAGLEDC10 passed test Connectivity



    Doing primary tests

       
       Testing server: Default-First-Site-Name\EAGLEDC10

          Starting test: Advertising

             ......................... EAGLEDC10 passed test Advertising

          Starting test: FrsEvent

             ......................... EAGLEDC10 passed test FrsEvent

          Starting test: DFSREvent

             ......................... EAGLEDC10 passed test DFSREvent

          Starting test: SysVolCheck

             ......................... EAGLEDC10 passed test SysVolCheck

          Starting test: KccEvent

             A warning event occurred.  EventID: 0x80000B46

                Time Generated: 01/13/2015   20:49:11

                Event String:

                The security of this directory server can be significantly enhanced by configuring the server to reject SASL (Negotiate, Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple binds that are performed on a clear text (non-SSL/TLS-encrypted) connection.  Even if no clients are using such binds, configuring the server to reject them will improve the security of this server. 


             ......................... EAGLEDC10 passed test KccEvent

          Starting test: KnowsOfRoleHolders

             ......................... EAGLEDC10 passed test KnowsOfRoleHolders

          Starting test: MachineAccount

             ......................... EAGLEDC10 passed test MachineAccount

          Starting test: NCSecDesc

             ......................... EAGLEDC10 passed test NCSecDesc

          Starting test: NetLogons

             Unable to connect to the NETLOGON share! (\\EAGLEDC10\netlogon)

             [EAGLEDC10] An net use or LsaPolicy operation failed with error 67,

             The network name cannot be found..

             ......................... EAGLEDC10 failed test NetLogons

          Starting test: ObjectsReplicated

             ......................... EAGLEDC10 passed test ObjectsReplicated

          Starting test: Replications

             ......................... EAGLEDC10 passed test Replications

          Starting test: RidManager

             ......................... EAGLEDC10 passed test RidManager

          Starting test: Services

             ......................... EAGLEDC10 passed test Services

          Starting test: SystemLog

             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:02:36

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:07:36

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:12:36

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:17:37

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:22:37

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:27:37

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00009018

                Time Generated: 01/13/2015   20:30:44

                Event String:

                A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:32:37

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:37:37

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:42:37

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             A warning event occurred.  EventID: 0x000727A5

                Time Generated: 01/13/2015   20:45:41

                Event String:

                The WinRM service is not listening for WS-Management requests. 


             A warning event occurred.  EventID: 0x80050004

                Time Generated: 01/13/2015   20:48:51

                Event String:

                Broadcom NetXtreme Gigabit Ethernet #4: The network link is down.  Check to make sure the network cable is properly connected.

             A warning event occurred.  EventID: 0x80050004

                Time Generated: 01/13/2015   20:48:51

                Event String:

                Broadcom NetXtreme Gigabit Ethernet #2: The network link is down.  Check to make sure the network cable is properly connected.

             A warning event occurred.  EventID: 0x80050004

                Time Generated: 01/13/2015   20:48:51

                Event String:

                Broadcom NetXtreme Gigabit Ethernet #3: The network link is down.  Check to make sure the network cable is properly connected.

             An error event occurred.  EventID: 0x0000164A

                Time Generated: 01/13/2015   20:49:28

                Event String:

                The Netlogon service could not create server share C:\Windows\SYSVOL\sysvol\eagle.int\SCRIPTS.  The following error occurred: 


             An error event occurred.  EventID: 0x0000041F

                Time Generated: 01/13/2015   20:49:31

                Event String:

                The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: 


             A warning event occurred.  EventID: 0x0000000C

                Time Generated: 01/13/2015   20:49:36

                Event String:

                Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.

             An error event occurred.  EventID: 0x00004E5F

                Time Generated: 01/13/2015   20:49:38

                Event String:

                Remote Access Connection Manager failed to start because the Protocol engine [IKEv2] failed to initialize. The request is not supported.


             A warning event occurred.  EventID: 0x000727AA

                Time Generated: 01/13/2015   20:49:39

                Event String:

                The WinRM service failed to create the following SPNs: WSMAN/EAGLEDC10.eagle.int; WSMAN/EAGLEDC10. 


             A warning event occurred.  EventID: 0x00001796

                Time Generated: 01/13/2015   20:50:39

                Event String:

                Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:50:41

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:54:32

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             An error event occurred.  EventID: 0x00000422

                Time Generated: 01/13/2015   20:59:32

                Event String:

                The processing of Group Policy failed. Windows attempted to read the file \\eagle.int\sysvol\eagle.int\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: 


             ......................... EAGLEDC10 failed test SystemLog

          Starting test: VerifyReferences

             ......................... EAGLEDC10 passed test VerifyReferences

       
       
       Running partition tests on : ForestDnsZones

          Starting test: CheckSDRefDom

             ......................... ForestDnsZones passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... ForestDnsZones passed test

             CrossRefValidation

       
       Running partition tests on : DomainDnsZones

          Starting test: CheckSDRefDom

             ......................... DomainDnsZones passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... DomainDnsZones passed test

             CrossRefValidation

       
       Running partition tests on : Schema

          Starting test: CheckSDRefDom

             ......................... Schema passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... Schema passed test CrossRefValidation

       
       Running partition tests on : Configuration

          Starting test: CheckSDRefDom

             ......................... Configuration passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... Configuration passed test CrossRefValidation

       
       Running partition tests on : eagle

          Starting test: CheckSDRefDom

             ......................... eagle passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... eagle passed test CrossRefValidation

       
       Running enterprise tests on : eagle.int

          Starting test: LocatorCheck

             ......................... eagle.int passed test LocatorCheck

          Starting test: Intersite

             ......................... eagle.int passed test Intersite

    repadmin /showrepl

    Repadmin: running command /showrepl against full DC localhost
    Default-First-Site-Name\EAGLEDC10
    DSA Options: IS_GC 
    Site Options: (none)
    DSA object GUID: a30c066e-ffa7-41d7-9141-fc95654eb07a
    DSA invocationID: 5c14609e-c117-413d-8c9c-ddb485dfa5f6

    And also note that this gpupdate i was run on the DC. Not on a client machine. Also i can add computers to the domain without any error at the moment. I don't know where i did the mistake.

    Regards,

    Ishan

    Tuesday, January 13, 2015 3:33 PM
  • Hi,

    Looks like you're missing SYSVOL share or some parts of it from the DC. Do you have any valid system state backups of this DC? if not you would probably need to re-create the sysvol.I am not sure how many GPOs you have in the domain but each GPO has 2 parts one is the AD object and the other part is the sysvol shared folder under \Policies.

    http://support.microsoft.com/kb/315457

    http://searchwindowsserver.techtarget.com/tip/How-to-rebuild-the-SYSVOL-tree-when-none-exists-in-Active-Directory

    Hope it helps.

    Regards,

    Calin

    Tuesday, January 13, 2015 3:59 PM
  • > 4. I have migrated this server from windows server 2000 last December
    > 2014. I got many errors during operation but somehow the domain is now
    > functioning. (But i did force removal eariler domain controler as it
    > cannot demote using normal procedure. And now its not using and all the
    > data has been erased) Is that the reason that the gpupdate giving a such
    > an error? Please help. I'm desperately looking for solution for this.
     
    Seems that sysvol wasn't properly replicated, so your current server has
    a full copy of AD (including all GPOs), but in sysvol the folders for
    some GPOs are missing... I'd suggest to identify the culprit GPOs,
    identify if they contain important settings, then delete and recreate them.
     
    To get the GPO name for a sysvol folder:
     
    dsquery * -filter "(&(name={guid-from-sysvol-folder}))" -attr displayname
     

    Martin

    Mal ein GUTES Buch über GPOs lesen?

    NO THEY ARE NOT EVIL, if you know what you are doing: Good or bad GPOs?
    And if IT bothers me - coke bottle design refreshment :))
    Tuesday, January 13, 2015 4:31 PM
  • Hi, Thanks for your reply. No i haven't a backup. Anyway I'll go through the given links and get back to you. Regards, Ishan
    Tuesday, January 13, 2015 4:34 PM
  • Hi Martin,

    I've entered the command line in CMD but it doesn't do anything.

    Thanks,

    Ishan

    Wednesday, January 14, 2015 3:28 AM
  • Hi,

    You need to replace "guid-from-sysvol-folder" with the actual GUID name of the GPO. Do you have anything within \Policies folder inside SYSVOL?

    Regards,

    Calin

    Wednesday, January 14, 2015 7:18 AM
  • Hi,

    Im facing the same problem, have you find the way to resolve it?


    M. BARO

    Tuesday, April 07, 2015 11:29 AM
  • Bonjour à tous,

    J'ai pu trouver la solution au problème. Du coup voici la procédure ci dessous pour d'autres qui auront rencontré le meme problème que moi.

    Le probleme d'accès aux repertoires partagés est du à l'absence du Client pour les réseaux Microsoft. En efftet ce composant logoociel réseau est essentiel au système pour avoir accès aux partages fichiers, imprimantes et autres ressources.

    Pour installer l'élément:

    > Panneau de configuration\Réseau et Internet\Centre Réseau et partage

    > Connexions Réseaux\Propriétés >Installer>Client>Ajouter

    Puis redemarrer.

    Merci à tous de votre implication.


    M. BARO

    • Proposed as answer by M.BARO Thursday, April 09, 2015 1:17 PM
    Thursday, April 09, 2015 1:17 PM