question

HomerSibayan-3006 avatar image
1 Vote"
HomerSibayan-3006 asked FanFan-MSFT commented

Event ID: 1058 - Processing of Group Policy failed.Windows attempted to read file \\domain.com\SysVol\ domain.com \Policies\{xx}\gpt.ini from domain controller and was not successful.

Hi Experts!

Background of issue : We promoted a 2016 AD from 2008 . after being promoted to domain controller we demoted the 2008 using DCpromo. However a few days , we noticed that some sysvol replication is not synchronized on DC01 siteA and DC02 Site B.

What we do is to perform the Force authoritative Synchronization DFSR sysvol replication and it's successfully working. The DFSR sysvol is now replicated on each site DCO1 site A and DC02 site B. Unfortunately, upon pushing "GPUPDATE /force" we encountered a error occurred. which is Processing of Group Policy failed.Windows attempted to read file \\domain.com\SysVol\ domain.com \Policies{xx}\gpt.ini from domain controller and was not successful.

Event ID :1058 shows the processing of group policy failed. Windows attempted to read file \\domain.com\sysvol\domain.com\Policies{GUID}\gpt.ini From a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:51:56
Event String:
14127-gpupdate-force.jpg


14128-event-logs-1058.png



Gpresullt /r

C:\Users\Administrator.Domain.com>gpresult /r

Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
© 2016 Microsoft Corporation. All rights reserved.

Created on 28/07/2020 at 6:41:49 PM


RSOP data for DomainName\Administrator on DC02 Site B : Logging Mode



OS Configuration: Primary Domain Controller
OS Version: 10.0.14393
Site Name: MANILA
Roaming Profile: N/A
Local Profile: C:\Users\Administrator.DomainName
Connected over a slow link?: No


COMPUTER SETTINGS


 CN=DC02,OU=Domain Controllers,DC=DomainName
 Last time Group Policy was applied: 28/07/2020 at 6:36:54 PM
 Group Policy was applied from:      DC01.Domain.com
 Group Policy slow link threshold:   500 kbps
 Domain Name:                        Domain.com
 Domain Type:                        Windows 2008 or later

 Applied Group Policy Objects
 -----------------------------
     Google_Chrome
     Default Domain Controllers Policy
     NTP SERVER(TIME SYNC)
     NEAR_SITE
     Certification_Global
     Firewall
     Windows10_Block_Apps
     PET_Default
     Default Domain Policy
     MIS_Local_Admin
     NTP SERVER(TIME SYNC)

 The following GPOs were not applied because they were filtered out
 -------------------------------------------------------------------
     EV_PC-Restrict
         Filtering:  Denied (Security)

     Local Group Policy
         Filtering:  Not Applied (Empty)

     WindowsUpdateBlock
         Filtering:  Denied (Security)

 The computer is a part of the following security groups
 -------------------------------------------------------
     BUILTIN\Administrators
     Everyone
     BUILTIN\Pre-Windows 2000 Compatible Access
     BUILTIN\Users
     Windows Authorization Access Group
     NT AUTHORITY\NETWORK
     NT AUTHORITY\Authenticated Users
     This Organization
     DC01$
     Domain Controllers
     NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS
     Authentication authority asserted identity
     Denied RODC Password Replication Group
     System Mandatory Level


USER SETTINGS


 CN=Administrator,CN=Users,DC=Domain.com
 Last time Group Policy was applied: 28/07/2020 at 6:01:53 PM
 Group Policy was applied from:      DC01.Domain.com
 Group Policy slow link threshold:   500 kbps
 Domain Name:                        Domain.com
 Domain Type:                        Windows 2008 or later

 Applied Group Policy Objects
 -----------------------------
     PET COVID19
     Google_Chrome
     PET SCREENSAVER
     Firewall
      Desktop shortcut
     Windows10_Block_Apps
     PET_Default
     Default Domain Policy
     Outlook_Cached-Settings

 The following GPOs were not applied because they were filtered out
 -------------------------------------------------------------------
     Local Group Policy
         Filtering:  Not Applied (Empty)

 The user is a part of the following security groups
 ---------------------------------------------------
     ERROR: An unexpected error occurred.

DCDIAG result :

C:\Users\Administrator.Domain.com>dcdiag

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
Home Server = DC01
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: MANILA\DC01
Starting test: Connectivity
......................... DC01 passed test Connectivity

Doing primary tests

Testing server: MANILA\DC01
Starting test: Advertising
......................... DC01 passed test Advertising
Starting test: FrsEvent
......................... DC01passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems.
......................... DC01 passed test DFSREvent
Starting test: SysVolCheck
......................... DC01 passed test SysVolCheck
Starting test: KccEvent
......................... DC010 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC01 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC01 passed test MachineAccount
Starting test: NCSecDesc
......................... DC01 passed test NCSecDesc
Starting test: NetLogons
......................... DC01 passed test NetLogons
Starting test: ObjectsReplicated
......................... DC01 passed test ObjectsReplicated
Starting test: Replications
......................... DC01 passed test Replications
Starting test: RidManager
......................... DC01 passed test RidManager
Starting test: Services
......................... DC010 passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:47:04
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\petcad1100\SysVol\petcad1100\Policies{GUID}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:51:56
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\Domain.com\SysVol\Domain.com\Policies{GUID}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:52:05
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\Domain.com\SysVol\Domain.com\Policies{GUID}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:54:08
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\Domain.com\SysVol\Domain.com\Policies{GUID}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:57:05
Event String:


  Running partition tests on : ForestDnsZones
   Starting test: CheckSDRefDom
      ......................... ForestDnsZones passed test CheckSDRefDom
   Starting test: CrossRefValidation
      ......................... ForestDnsZones passed test CrossRefValidation

Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation

Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation

windows-active-directorywindows-group-policy
gpupdate-force.jpg (69.2 KiB)
event-logs-1058.png (88.0 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered FanFan-MSFT commented

Hi,
Based on the information you mentioned , the sysvol replication still have a problem.

Before going further, i would like to confirm he DFSR is that used for sysvol replication. You can make sure that by the command :
dfsrmig.exe /getglobalstate
If the result shows: 3 (ELIMINATED) ,it means DFSR

Then, would you tell which DC is the FSMO holder?You can confirm that by :netdom query fsmo

After the new DC promotion ,did you test the the health of the DC? i would recommend you check the health by command:
Dcdiag /v >c:\dcdiag1.log
Repadmin /showrepl >C:\repl.txt
Repadmin /syncall /APeD

Not sure how did you perform the Force authoritative Synchronization DFSR sysvol replication.If possible, please tell more details or links you referred to.

Note: it is not recommend to post all the logs here due to the security reason and policy.If you find any error messages , you can share a screenshot of that and hide the private information.

Best Regards,

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

HI

Upon running the command

dfsrmig.exe /getglobalstate :
It shows Eliminitated

All FSMO Role Holder is placed on DC01

after DC promotion we did the AD health check and all comes goods.

DCdiag result is on the top of this comment

Repadmin /showrepl >C:\repl.txt - Show Inbound NEighbors Last Attempt was successful.
Repadmin /syncall /APeD -show Syncl all terminated with no errors


0 Votes 0 ·

Hi,
In this situation , i would recommend you check which DC has more sysvol files, back up it.
As a test create files on 2 DCs,and check which will replicate and which not.
Then on the one with problem (not replicate from others), done a non-authoritative synchronization for DFSR-replicated SYSVOL.

Fan

0 Votes 0 ·

Hi,
Welcome to share your current situation if there are any updates.
Please feel free to let us know if you need further assistance.
 
Best Regards,

0 Votes 0 ·
Show more comments