none
GPO not getting update after sysvol restore

    Question

  • Hi,

    On some of domain systems, computer policy is not getting pushed (Specific to registry).

    policy is getting pushed successfully when i delete "registry.pol" file from C:\windows\System32\GroupPolicy\Machine.

    Just to give more details,

    1.Earlier we ware facing issue with ntfrs replication on one of DC "event 13555 & 13555" so as recommended we successfully restored sysvol using D2 method.

    2.All affected systems pointed to affected DC (but now there is no issue with DC)

    3.Facing issue on some of systems only, getting an error event "1503" while running "gpudpate /force" command on the system.

    Please guide for further check.

    Tuesday, April 25, 2017 3:09 PM

Answers

  • Hi,
    As far as I know, event "1503" is an informational event, could you find any error/warning events relating to this problem?
    And according to your description of the problem, it seems that the registry client-side extension fail to read the registry.pol file from the Group Policy template location. The registry.pol file contains registry policy settings. This file may be missing, inaccessible, or corrupt.
    Generally, we would suggest the following steps to have a try:
    1. Delete or rename the registry.pol file under c:\windows\system32\grouppolicy\machine\registry.pol
    2. Configure any administrative template settings in the local Computer settings GPO. This will re-generate automatically a new registry.pol file.
    3. Run Gpupdate /force command again
    Best regards, 
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by Manoj Misal Friday, April 28, 2017 3:49 AM
    Friday, April 28, 2017 2:52 AM
    Moderator
  • Hi All,

    Thanks for you reply and suggestion, after reboot of DC its working fine. all new GPO copies get replicated successfully.

    • Marked as answer by Manoj Misal Monday, January 29, 2018 12:21 PM
    Monday, January 29, 2018 12:21 PM

All replies

  • Hi,
    As far as I know, event "1503" is an informational event, could you find any error/warning events relating to this problem?
    And according to your description of the problem, it seems that the registry client-side extension fail to read the registry.pol file from the Group Policy template location. The registry.pol file contains registry policy settings. This file may be missing, inaccessible, or corrupt.
    Generally, we would suggest the following steps to have a try:
    1. Delete or rename the registry.pol file under c:\windows\system32\grouppolicy\machine\registry.pol
    2. Configure any administrative template settings in the local Computer settings GPO. This will re-generate automatically a new registry.pol file.
    3. Run Gpupdate /force command again
    Best regards, 
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by Manoj Misal Friday, April 28, 2017 3:49 AM
    Friday, April 28, 2017 2:52 AM
    Moderator
  • Hi Wendy,

    Thanks for your reply and suggestion, what you suggest is correct,

    I created one powershell script and renamed "registry.pol" file on the affected hosts, and new file gets created auto after default policy interval which is 90 min, so now issue is resolved and there is no error observed on the local system.

    As i checked, there were no issue for permission on that file, how to check if that file is corrupted. is there any way to check that file health.

    I am just curious if i can find the exact root cause.


    Friday, April 28, 2017 3:46 AM
  • Hi,
    As far as i know, there is no built-in methods to check that, generally, there will be an error message and some issues related, but you could regullay run sfc /scannow to have  a try.
    Best Regards,
    Wendy Jiang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, May 1, 2017 4:56 AM
    Moderator
  • Hi All,

    Thanks for you reply and suggestion, after reboot of DC its working fine. all new GPO copies get replicated successfully.

    • Marked as answer by Manoj Misal Monday, January 29, 2018 12:21 PM
    Monday, January 29, 2018 12:21 PM