T
Tiger Poly
When running gpupdate /force on any windows 10 machine in our network we get the error The processing of Group Policy failed. Windows attempted to read the file \\domain.local\SysVol\Domain.local\Policies\{HEXID for a GPO}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved.
I am able to navigate to this UNC path in File Explorer and open the gpt.ini file in quesiton. I have repeatedly tested replication between our two DCs using repadmin and other basic change and observation testing. Both DCs have the latest windows updates and the client has the latest windows update.
Both DCs have DFS services running and remote registry enabled.
I have moved one machine over to its own OU and disabled policy inheritence. I ran gpupdate /force and the computer policy updated successfully (because there were none applied). I then created a brand new GPO and linked it to that OU and ran gpupdate /force again, and it failed and cited the HEXID for the newly created GPO.
My DNS records are correct and nslookup returns the correct results for my domain and domain controllers.
I have attempted to use "UNC hardening" fix by adding
1. \\*\sysvol
2. \\*\netlogon
with this value: RequireMutualAuthentication=0, RequireIntegrity=0, RequirePrivacy=0
But the issue persisted.
I've read over many forum posts relating to this issue and no resolution has been found.
Continue reading...
I am able to navigate to this UNC path in File Explorer and open the gpt.ini file in quesiton. I have repeatedly tested replication between our two DCs using repadmin and other basic change and observation testing. Both DCs have the latest windows updates and the client has the latest windows update.
Both DCs have DFS services running and remote registry enabled.
I have moved one machine over to its own OU and disabled policy inheritence. I ran gpupdate /force and the computer policy updated successfully (because there were none applied). I then created a brand new GPO and linked it to that OU and ran gpupdate /force again, and it failed and cited the HEXID for the newly created GPO.
My DNS records are correct and nslookup returns the correct results for my domain and domain controllers.
I have attempted to use "UNC hardening" fix by adding
1. \\*\sysvol
2. \\*\netlogon
with this value: RequireMutualAuthentication=0, RequireIntegrity=0, RequirePrivacy=0
But the issue persisted.
I've read over many forum posts relating to this issue and no resolution has been found.
Continue reading...