I have a group policy created to create files to the %windir% from a shared folder, and no matter what i do i get the Result: Failure (Error Code: 0x80070005). The target machine is a windows 10 machine and the DC is either a 2008 r2 or 2012 r2 (depending on which one it is pulling group policy from (we have 3 DCs).
From what I have read this is a permissions issue, but what I cannot find if this is a permissions issue on the group policy writing to the the computer if the group policy does not have sufficient permissions to the shared drive to copy the file(s) down to the domain PC. If it is on the network share i have given everyone read (for testing) and domain/enterprise admins have full rights to the folder and sub folders.
However, if the group policy itself does not have the permissions to write to the PC then what do i need to check to verify it has the proper permissions? i can tell you that the domain admins, enterprise admins, and enterprise domain controllers have been delegated permissions to edit, delete, and modify security. authenticated users and enterprise domain controllers have read.
Does group policy have a service account it uses to write/enforce policy with? if so how do i check what that account is?