Quantcast
Channel: Group Policy forum
Viewing all articles
Browse latest Browse all 19997

I have a GPO viewing/applying/replication issue and I cannot find a solution match for my issue

$
0
0

I need some help along these lines but I am not sure exactly what is going on.  I have a lot of custom GPOs that I cannot lose and need to recover.  We had some kind of catastrophic failure that caused the DCs to enter AD recovery mode.  I was gone over the weekend and another administrator recovered one of the DCs, built another, and demoted the other.  Everything seems to work fin now except group policy.  I am very knowledgeable in AD but for the life of me, I cannot find a way to fix this.  Here are the details:

MSP-DC00 - Windows Server 2008R2 Standard

MSP-DC01 - Windows Server 2008R2 Standard 

MSP-DC02 - Windows Server 2012R2 Standard

DC00 was the FSMO and all of the other roles holder.  The other administrator demoted DC01, built DC02 and transferred all roles.

DCDIAG on both servers shows:

        * The current DC is not in the domain controller's OU

        ......................... MSP-DC00 failed test MachineAccount

        Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

            Replicating Directory Changes In Filtered Set
        access rights for the naming context:

        DC=ForestDnsZones,DC=analytics,DC=local
        Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

            Replicating Directory Changes In Filtered Set
        access rights for the naming context:

        DC=DomainDnsZones,DC=analytics,DC=local
        ......................... MSP-DC00 failed test NCSecDesc

        Unable to connect to the NETLOGON share! (\\MSP-DC00\netlogon)

        [MSP-DC00] An net use or LsaPolicy operation failed with error 67,

        The network name cannot be found..

        ......................... MSP-DC00 failed test NetLogons

The new DC02 also shows:

Several of these:

        An error event occurred. EventID: 0x00000422

            Time Generated: 01/26/2017 11:45:12

            Event String:

            The processing of Group Policy failed. Windows attempted to read the file \\analytics.local\sysvol\analytics.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:


        ......................... MSP-DC02 failed test SystemLog

I can also provide screenshots of the error when I try to expand the settings within each GPO.  Any help is appreciated!

Viewing all articles
Browse latest Browse all 19997

Latest Images

Trending Articles



Latest Images

<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>