none
Workstations Losing & Reapplying Policies after Non-Authoritative Sysvol Restoration

    Question

  • One domain, Domain Level: Server 2012. 1 PDC, 15 DCs. FRS Replication. 

    I'm having an issue where it appears some workstations are randomly losing group policy, and reapplying at a later time. It also appears the machines are constantly reapplying "New settings from X Group Policy objects." No GroupPolicy errors in System Event logs on workstations. When the policy is missing, RSOP is "empty", and GPRESULT is "empty", but gpresult shows the list of correct applied GPO's and revision numbers. Gpupdate appears to succeed. The machine usually reapplies the policy after a few reboots. 

    Updates done:

    Friday evening I did a non-authoritative sysvol restoration on 6 of the 15 domain controllers. The reason I did this was because sysvol was not replicating to any domain controllers. The reason I only did 6 was because I noticed after the first four, the other domain controllers started updating their SYSVOL directories, except two of them.

    I haven't done dcdiag on all DCs, but the ones I have done it on have not failed any tests. I'm not seeing any errors in FRS Replication logs. 

    Any suggestions on how to proceed with troubleshooting this? I'm feeling kind of lost, as I'm not seeing any errors on the workstation side of things. I'm thinking I might start with doing the remaining DC non-authoritative sysvol restorations, but I'm not sure that's a great idea at this point. 

    Thank you for any help offered. 



    Tuesday, November 10, 2015 3:19 PM

All replies

  • Update: I did the sysvol non-authoritative restore on the remaining domain controllers. It appears the issue with users having no policy applied has worsened. 

    However, I see that four of the domain controllers are missing folders within \sysvol\FQDN\Policies\{DDP}\MACHINE

    They're missing; Applications, Microsoft, and Scripts folders. 

    Could this be the cause of my issue?

    Friday, November 13, 2015 6:12 PM