GPO Errors


  • We are in the midst of migrating to Server 2012 R2 from Server 2003 R2 for our new Active Directory system. In order to keep pre-set permissions on a lot of our servers that predate myself and the other IT administrator at our company, we need to be able to transfer the local administrator profiles from the Server 2003 AD server. I know the only way to do this is to sync the 2 AD servers, but this is where the problem is.

    Our current running Active Directory server is unable to use its Group Policy and does not even allow us to run GPUpdates on the server, including if we attempt to run them with the /force. We have attempted the sync to the 2012 R2 server, but the errors with the GPO follow the sync. We receive the following errors on the server when running either type of GP update:

    Error Code 1006:

    The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

    Error Code 1079:

    The processing of Group Policy failed. Windows could not obtain the list of Group Policy objects applicable for this computer or user. View the event details for more information.

    Does anyone know of a way to wipe the existing group policy to start it from default without wiping out the SIDs of all the local and domain user accounts? Or is there a simpler way to resolve this issue at the AD server level?

    Wednesday, May 20, 2015 5:47 PM