none
Group Policy - Computer Level Policies Not Applying

    Question

  • Hi,

    I am facing one strange issue, we have one Windows 2012 R2 server on which group policy computer level settings is not applying, user level settings is applying without any issue. When i run gpupdate /force /Taget:Computer getting below error and event log.


    "Computer policy could not be updated successfully. The following errors were encountered:

    The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful.

    To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results."


    Found Event 1030 in Event Log with Error Code 58, Event description as per below..

    EventID 1030
    Version 0
    Level 2
    Task 0
    Opcode 1
    Keywords 0x8000000000000000

    EventData
    SupportInfo1 1
    SupportInfo2 2481
    ProcessingMode 0
    ProcessingTimeInMilliseconds 39140
    ErrorCode 58
    ErrorDescription The specified server cannot perform the requested operation.
    DCName \\DC1.xxxx.com

    Also found below log in Group Policy Operational Log

    Log Name:      Microsoft-Windows-GroupPolicy/Operational
    Source:        Microsoft-Windows-GroupPolicy
    Date:          5/5/2016 9:58:30 AM
    Event ID:      7320
    Task Category: None
    Level:         Error
    Keywords:      
    User:          xx\xx
    Computer:      xx
    Description:
    Error: Computer determined to be not in a site. Error code 0x77F.

    Please suggest, followed below steps so far..

    1. Removed server from Domain and Rejoined.

    2. Moved server from one OU to other OU.

    3. Once Server removed from Domain, gpupdate /force is working without any issue.

    4. Checked using Group Policy Modeling Wizard, not found any issue and showing all required policy are applying and no security filtering found.

    5. Disabled Firewall on Member Server.

    6. Checked required ports on Network Firewall, found all required ports are open, since User GPO are applying we don't think it's port issue on Firewall.

    7. gpupdate /force /Target:user running fine without any issue..

    8. Disabled Anti Virus Software.

    Please guide..


    MCP, MCTS


    • Edited by Hi_SGH Thursday, May 05, 2016 4:37 AM
    Thursday, May 05, 2016 4:36 AM

Answers

  • Hi Hi_SGH,

    For event ID 1030, the event occurs when the query for Group Policy object information fails, usually because it cannot contact the domain controller.

    So I suggest you check if there are any related events has generated in your computer.

    If yes, you could troubleshoot the problem with the guidance of the article below.

    Troubleshooting Group Policy Using Event Logs

    https://technet.microsoft.com/en-us/library/cc749336(v=ws.10).aspx

    here is an article below about event ID 1030 for your reference.

    Event ID 1030 — Group Policy Preprocessing (Active Directory)

    https://technet.microsoft.com/en-us/library/cc727265(v=ws.10).aspx

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, May 09, 2016 9:00 AM
    Moderator

All replies