Answered by:
Group Policy error

-
Hello All,
I have a Domain 2012 R2 with Four sites 8 DCs (2 DC in every location )
i have a problem in gpupdate /force
C:\WINDOWS\system32>gpupdate /force
Updating policy...
Computer policy could not be updated successfully. The following errors were encountered:
The processing of Group Policy failed. Windows attempted to read the file \\DOMAIN\sysvol\DomainPolicies\{45daeea5-4e37-45e1-89b5-30455e6f5812}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
User Policy update has completed successfully.To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.
I checked the system log for errors and i found that error appear as per attached screen shot
i searched for the folder that mentioned in error and i didn't find it in any domain controller
Please advice
Question
Answers
-
Your GPO's might have been deleted for some reason. For now, use that GUID string and drill down to see what is the friendly name of that GPO. This can be done using like this:
import-module grouppolicy Get-GPO -Guid "{GUID}"
Once the name has been found, find its related settings from a document which you have hopefully prepared before, and recreate that GPO. Restoring GPO from a backup is another option if you have that. If that missing GPO is default GPOs {Default domain policy & Default domain controller policy} you have to use dcgpofix command.
Mahdi Tehrani |
| www.mahditehrani.ir
Please click on Propose As Answer orto mark this post as
and helpful for other people.
This posting is provided AS-IS with no warranties, and confers no rights.- Proposed as answer by AlvwanMicrosoft contingent staff, Moderator Friday, March 11, 2016 2:20 AM
- Marked as answer by AlvwanMicrosoft contingent staff, Moderator Friday, March 11, 2016 7:19 AM
All replies
-
The processing of Group Policy failed. Windows attempted to read the file \\DOMAIN\sysvol\DomainPolicies\{45daeea5-4e37-45e1-89b5-30455e6f5812}\gpt.ini from a domain controller and was not successful.
To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.
i searched for the folder that mentioned in error and i didn't find it in any domain controller
Did you run gpresult /h somefilename.html ?
The gpresult report, should show the GUID which has the issue, and, it should show the GIUD andm "display name" of all GPOs resolved.
Compare that report, with your GPOs linked to this machine (check in GPMC), I expect you will find that there is a GPO linked, but that GPO "display name" doesn't appear in the gpresult report.
This GPO which doesn't appear correctly in the report, is most likely to be the problematic GPO. Note the display name of that GPOUnlink that GPO, and then try the gpupdate again. The error should be gone. The GPO which you unlinked, is damaged or corrupt or has failed replication/create/deletion. You will most likely need to re-create that GPO via a fresh object.Don [doesn't work for MSFT, and they're probably glad about that ;]
-
Hi,
There can be several possible causes for this Event ID 1058.
We can try the suggestions in the threads below to troubleshoot this issue:
Read Only Domain Controller Group Policy errors
https://social.technet.microsoft.com/Forums/windowsserver/en-US/4863cb73-6b6a-4573-a84c-94047b28879a
Group Policy failed event 1058
Computer policy fails to apply with event id 1058 - computer removed from one domain and added to another
Have a nice day.
Best Regards,
Alvin Wang
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
-
Your GPO's might have been deleted for some reason. For now, use that GUID string and drill down to see what is the friendly name of that GPO. This can be done using like this:
import-module grouppolicy Get-GPO -Guid "{GUID}"
Once the name has been found, find its related settings from a document which you have hopefully prepared before, and recreate that GPO. Restoring GPO from a backup is another option if you have that. If that missing GPO is default GPOs {Default domain policy & Default domain controller policy} you have to use dcgpofix command.
Mahdi Tehrani |
| www.mahditehrani.ir
Please click on Propose As Answer orto mark this post as
and helpful for other people.
This posting is provided AS-IS with no warranties, and confers no rights.- Proposed as answer by AlvwanMicrosoft contingent staff, Moderator Friday, March 11, 2016 2:20 AM
- Marked as answer by AlvwanMicrosoft contingent staff, Moderator Friday, March 11, 2016 7:19 AM
-
Hi,
Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.
Best Regards,
Alvin Wang
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.