I've got sort of a strange error and if it is what it appears to be I want to know how I've managed to go 2 years without noticing the issue. To give you a background of our network our primary site is in Milwaukee. This is where all of our FSMO roles are hosted. We have 9 remote offices that each have a single DC/file & print server. When checking my server in Atlanta this AM, I notice the following error
My first course of action was to just check the sysvol and see if that GPO actually existed. Then I figured that I could tell if it was just transient or if a real problem occurs. When I browse to \\domain.com\sysvol\domain.com\Policies\ sure enough the {910FD677-5FFA-477E-831A-B9BAAB290CD4} policy isn't there. Not only that but I notice that there are only 19 policies shown. All of my other DC's show 21 policies. To further confuse me, it appears to me that of the 19 policies that the Atlanta server does have, they haven't been updated since 2011. Again, all the other DC's show at least 5 policies with a 2012 date. DNS appears to be working fine. DFS is running. A dcdiag /test:dns comes back with a pass. A dcdiag /c comes back with a pass on everything except
Perhaps this is the issue? I looked at as suggested but it's referencing server 2003 and it's server 2008 that's missing and not updating policies. Any suggestions to resolve the Group Policy issue?
Code:
Log Name: System
Source: Microsoft-Windows-GroupPolicy
Date: 8/20/2012 10:32:48 AM
Event ID: 1058
Task Category: None
Level: Error
Keywords:
User: DOMAIN\USERNAME
Computer: Atlanta.domain.com
Description:
The processing of Group Policy failed. Windows attempted to read the file \\domain.com\sysvol\domain.com\Policies\{910FD677-5FFA-477E-831A-B9BAAB290CD4}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
Event Xml:
<Event xmlns="[URL unfurl="true"]http://schemas.microsoft.com/win/2004/08/events/event">[/URL]
<System>
<Provider Name="Microsoft-Windows-GroupPolicy" Guid="{AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}" />
<EventID>1058</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>1</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2012-08-20T14:32:48.000585400Z" />
<EventRecordID>80721</EventRecordID>
<Correlation ActivityID="{23A79244-3ADD-4832-A676-046A1448E2E2}" />
<Execution ProcessID="960" ThreadID="7836" />
<Channel>System</Channel>
<Computer>AtlantaDC.tnamain.com</Computer>
<Security UserID="S-1-5-21-636115898-1009256732-1050887974-1529" />
</System>
<EventData>
<Data Name="SupportInfo1">4</Data>
<Data Name="SupportInfo2">816</Data>
<Data Name="ProcessingMode">0</Data>
<Data Name="ProcessingTimeInMilliseconds">531</Data>
<Data Name="ErrorCode">3</Data>
<Data Name="ErrorDescription">The system cannot find the path specified. </Data>
<Data Name="DCName">AtlantaDC.tnamain.com</Data>
<Data Name="GPOCNName">cn={910FD677-5FFA-477E-831A-B9BAAB290CD4},cn=policies,cn=system,DC=tnamain,DC=com</Data>
<Data Name="FilePath">\\tnamain.com\sysvol\tnamain.com\Policies\{910FD677-5FFA-477E-831A-B9BAAB290CD4}\gpt.ini</Data>
</EventData>
</Event>My first course of action was to just check the sysvol and see if that GPO actually existed. Then I figured that I could tell if it was just transient or if a real problem occurs. When I browse to \\domain.com\sysvol\domain.com\Policies\ sure enough the {910FD677-5FFA-477E-831A-B9BAAB290CD4} policy isn't there. Not only that but I notice that there are only 19 policies shown. All of my other DC's show 21 policies. To further confuse me, it appears to me that of the 19 policies that the Atlanta server does have, they haven't been updated since 2011. Again, all the other DC's show at least 5 policies with a 2012 date. DNS appears to be working fine. DFS is running. A dcdiag /test:dns comes back with a pass. A dcdiag /c comes back with a pass on everything except
Code:
Starting test: VerifyEnterpriseReferences
The following problems were found while verifying various important DN
references. Note, that these problems can be reported because of
latency in replication. So follow up to resolve the following
problems, only if the same problem is reported on all DCs for a given
domain or if the problem persists after replication has had
reasonable time to replicate changes.
[1] Problem: Missing Expected Value
Base Object:
CN=POSTOFFICE,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=tnamain,DC=com
Base Object Description: "SYSVOL FRS Member Object"
Value Object Attribute Name: serverReference
Value Object Description: "DC Account Object"
Recommended Action: Check if this server is deleted, and if so
clean up this DCs SYSVOL FRS Member Object. Also see Knowledge
Base Article: Q312862
[2] Problem: Missing Expected Value
Base Object:
CN=POSTOFFICE,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=tnamain,DC=com
Base Object Description: "SYSVOL FRS Member Object"
Value Object Attribute Name: frsComputerReference
Value Object Description: "DSA Object"
Recommended Action: Check if this server is deleted, and if so
clean up this DCs SYSVOL FRS Member Object. Also see Knowledge
Base Article Q312862
......................... ATLANTA failed testPerhaps this is the issue? I looked at as suggested but it's referencing server 2003 and it's server 2008 that's missing and not updating policies. Any suggestions to resolve the Group Policy issue?