Group Policy Problems - Need Guru's Assistance!

gojericho0 Member Posts: 1,059
I have been having a Group Policy problem with a Site ever since the local DC had problems and we were forced to demote it. The computers at this site are now dog slow and take about 30 mins to boot up. All DNS information for these PCs is pointing to our Data Center DCs so I do not believe it's a DNS issue. I just hope after demoting the local DC, PCs are not trying to look at this for policy. I receive the following errors in the Application Event Viewer:

Error Source: Userenv
Event ID: 1058
Windows cannot access the file gpt.ini for GPO CN={GUID}, CN=Policies, CN=System, DC=Domainname, DC=com. The file must be present at the location <\\DOMAIN\sysvol\DOMAIN\Policies\{GUID}\gpt.ini> Group Policy Being aborted

I can however copy and paste the UNC path and get to that directory. It just takes a very long time. Latency from this site to our datacenter is only 10 ms and only 20 users are at this site, so I wouldn't think coming back to the central DC would cause this much of a problem if latency were an issue.

Also below is the userenv.log of one of the PC's that are having these issues. Any help would be greatly appreciated. I am really new with Group Policy so any little bit will help:

USERENV(2a4.2a8) 09:34:39:828 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 09:34:39:828 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 09:34:39:828 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 10:49:16:781 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 10:49:16:781 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 10:49:16:781 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 10:49:16:781 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.6bc) 10:49:44:953 ProcessGPO: Couldn't find the group policy template file <\\ATTGEN.LCL\SysVol\ATTGEN.LCL\Policies\{EC3A1AD9-8D10-4098-BF50-6836998F5B15}\gpt.ini>, error = 0x40.
USERENV(2a4.6bc) 10:49:44:953 EvalList: ProcessGPO failed
USERENV(2a4.6bc) 10:49:44:953 GetGPOInfo: EvaluateDeferredGPOs failed. Exiting
USERENV(2a4.6bc) 10:49:44:968 ProcessGPOs: GetGPOInfo failed.
USERENV(2a4.978) 10:49:45:703 ProcessGPO: Couldn't find the group policy template file <\\ATTGEN.LCL\SysVol\ATTGEN.LCL\Policies\{EC3A1AD9-8D10-4098-BF50-6836998F5B15}\gpt.ini>, error = 0x40.
USERENV(2a4.978) 10:49:45:718 EvalList: ProcessGPO failed
USERENV(2a4.978) 10:49:45:718 GetGPOInfo: EvaluateDeferredGPOs failed. Exiting
USERENV(2a4.978) 10:49:45:718 ProcessGPOs: GetGPOInfo failed.
USERENV(2a4.2a8) 10:54:25:328 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 10:54:25:343 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 10:54:25:343 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 10:54:25:343 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.6bc) 10:57:57:005 ProcessGPO: Couldn't find the group policy template file <\\ATTGEN.LCL\SysVol\ATTGEN.LCL\Policies\{EC3A1AD9-8D10-4098-BF50-6836998F5B15}\gpt.ini>, error = 0x40.
USERENV(2a4.6bc) 10:57:57:005 EvalList: ProcessGPO failed
USERENV(2a4.6bc) 10:57:57:005 GetGPOInfo: EvaluateDeferredGPOs failed. Exiting
USERENV(2a4.6bc) 10:57:57:005 ProcessGPOs: GetGPOInfo failed.
USERENV(2ac.2b0) 11:04:12:671 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2ac.2b0) 11:04:12:703 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2ac.2b0) 11:04:12:703 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2ac.2b0) 11:04:12:703 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 15:25:50:968 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 15:25:50:984 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 15:25:50:984 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 15:25:50:984 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.888) 15:28:48:573 GetWbemServices: CoCreateInstance returned 0x800401f0
USERENV(2a4.964) 15:29:57:666 CallDFS: NtFsControlFile failed with 0xc000020c
USERENV(2a4.2a8) 16:49:33:934 MyRegUnLoadKey: Failed to unmount hive 00000005
USERENV(2a4.2a8) 16:49:33:950 DumpOpenRegistryHandle: 2 user registry Handles leaked from \Registry\User\S-1-5-21-4242810110-19057349-4064085894-1922
USERENV(2a4.2a8) 16:49:33:950 UnloadUserProfileP: Didn't unload user profile <err = 5>
USERENV(2a4.2a8) 16:49:33:950 MyRegUnLoadKey: Failed to unmount hive 00000005
USERENV(2a4.2a8) 16:49:33:950 UnLoadClassHive: failed to unload classes key with 5
USERENV(2a4.2a8) 16:49:33:950 DumpOpenRegistryHandle: 2 user registry Handles leaked from \Registry\User\S-1-5-21-4242810110-19057349-4064085894-1922_Classes
USERENV(2a4.2a8) 16:49:33:965 ReportError: Impersonating user.
USERENV(2ac.2b0) 16:50:44:937 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2ac.2b0) 16:50:44:953 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2ac.2b0) 16:50:44:953 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2ac.e84) 08:43:04:875 ProcessGPOs: Forced option changed policy mode.
USERENV(2a4.2a8) 08:46:55:031 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 08:46:55:046 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 08:46:55:046 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.2a8) 08:46:55:046 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(fe8.ff8) 08:49:53:053 EnterCriticalPolicySectionEx: Wait timed out on the mutex.
USERENV(2a4.ee0) 08:51:35:386 ProcessGPO: Couldn't find the group policy template file <\\ATTGEN.LCL\SysVol\ATTGEN.LCL\Policies\{EC3A1AD9-8D10-4098-BF50-6836998F5B15}\gpt.ini>, error = 0x40.
USERENV(2a4.ee0) 08:51:35:402 EvalList: ProcessGPO failed
USERENV(2a4.ee0) 08:51:35:402 GetGPOInfo: EvaluateDeferredGPOs failed. Exiting
USERENV(2a4.ee0) 08:51:35:402 ProcessGPOs: GetGPOInfo failed.
USERENV(2a4.91c) 09:41:02:354 PolicyChangedThread: UpdateUser failed with 0.

THANK YOU IN ADVANCE
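
A small triage script for a userenv.log like the one posted above, added here as an illustration and not part of the original post: it counts gpt.ini failures per GPO GUID and decodes the error codes that appear. The sample lines, the domain EXAMPLE.LCL and the GUID are constructed, and the function name `triage` is hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the userenv.log line format shown in the post above.
SAMPLE = r"""USERENV(2a4.2a8) 10:49:16:781 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2a4.6bc) 10:49:44:953 ProcessGPO: Couldn't find the group policy template file <\\EXAMPLE.LCL\SysVol\EXAMPLE.LCL\Policies\{11111111-2222-3333-4444-555555555555}\gpt.ini>, error = 0x40.
USERENV(2a4.6bc) 10:49:44:953 EvalList: ProcessGPO failed
USERENV(2a4.964) 15:29:57:666 CallDFS: NtFsControlFile failed with 0xc000020c
USERENV(2a4.ee0) 08:51:35:386 ProcessGPO: Couldn't find the group policy template file <\\EXAMPLE.LCL\SysVol\EXAMPLE.LCL\Policies\{11111111-2222-3333-4444-555555555555}\gpt.ini>, error = 0x40.
this line is not in userenv format
"""

# USERENV(pid.tid) HH:MM:SS:mmm Function: message
LINE = re.compile(
    r"^USERENV\((?P<pid>[0-9a-f]+)\.(?P<tid>[0-9a-f]+)\)\s+"
    r"(?P<time>\d\d:\d\d:\d\d:\d{3})\s+(?P<func>[\w:]+):\s*(?P<msg>.*)$")
GPT = re.compile(
    r"<\\\\[^>]+\\(?P<guid>\{[0-9A-Fa-f-]{36}\})\\gpt\.ini>,\s*error = 0x[0-9a-fA-F]+")
HEX = re.compile(r"0x[0-9a-fA-F]+")

# Well-known Windows codes that appear in the posted log.
KNOWN = {
    0x40: "ERROR_NETNAME_DELETED (network name no longer available)",
    0xC000020C: "STATUS_CONNECTION_DISCONNECTED",
    0x800401F0: "CO_E_NOTINITIALIZED",
}

def triage(text):
    """Return (missing, codes, skipped): GPO GUID -> gpt.ini failure count,
    decoded error code -> count, and the number of unparseable lines."""
    missing, codes, skipped = Counter(), Counter(), 0
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            skipped += 1  # not a userenv line (wrapped text, pasted noise)
            continue
        g = GPT.search(m["msg"])
        if g:
            missing[g["guid"].upper()] += 1
        for h in HEX.findall(m["msg"]):
            value = int(h, 16)
            codes[KNOWN.get(value, hex(value))] += 1
    return missing, codes, skipped

if __name__ == "__main__":
    missing, codes, skipped = triage(SAMPLE)
    print("gpt.ini failures per GPO:", dict(missing))
    print("error codes:", dict(codes), "| skipped lines:", skipped)
```

Repeated network-level codes against the same SYSVOL path point at name resolution, DFS referral or SMB connectivity to the domain share rather than at the contents of the GPO itself.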

Comments

  • itdaddy Member Posts: 2,089
    How DCs are located in Windows
    http://support.microsoft.com/kb/247811
    How to remove an old DC in Active Directory
    http://www.petri.co.il/delete_failed_dcs_from_ad.htm
    Looks to me like it is looking, like you said, for the policy on
    the old demoted DC.

    I have had to do this as well.
    Also, look up how to remove old SRV records from your DNS.
    I will look in Google, but there is a white paper on how to remove
    old DNS SRV records from your DNS server; this is key here as well.


    :D
  • gojericho0 Member Posts: 1,059
    Thanks, going to try this later this afternoon; will follow up and let you know how it goes.
  • elover_jm Member Posts: 349
    Hey, how often do you back up the system files server...

    You could try restoring your latest SYS backup... that should fix whatever problem you're experiencing.
  • gojericho0 Member Posts: 1,059
    Tried cleaning up old DC in active directory then promoting it again. It seems to be running a bit faster, but also has times where all client computers are ridiculously slow. I am also still seeing errors in the app event log regarding group policy again.

    Also I see component status failures in the GPMC for PCs and Users at this location stating that due to GP Core Failure none of the components processed their policy. Yet it also says that all GPOs have been applied.
  • blargoe Member Posts: 4,174
    You are probably not authenticating to the data center but to another remote site. If you go to a command prompt and type "set", is the value for LOGONSERVER the datacenter domain controller or some other remote DC? If so reply back.
  • gojericho0 Member Posts: 1,059
    set states that it is reporting to the DC at the datacenter
  • itdaddy Member Posts: 2,089
    CHECK GROUP POLICY REALLY GOOD.

    We had this same issue: somehow policy got changed
    to allow all root drives and system drives full access.
    There is a policy somewhere that sets full access to all system
    drives and root drives, but it can't seem to be set, so it
    causes this latency (taking like 5 to 7 minutes) to try to apply.
    No kidding; this happened and none of us admins did it.
    I think it was a virus or some 3rd party program that we had that
    reset these intentionally! (my theory).

    Also, check your Active Directory and make sure that,
    by glancing at your Admin group, there is no one else in there but the admins. This is also a symptom that can happen. I know guys here
    think it can't but I have seen it myself.
    Microsoft engineers have seen it too while helping us troubleshoot this issue,
    and they found a security policy TRYING but failing to set
    full access to system drives and root drives on all PCs.
    This is why it was Applying Computer Settings forever. We first thought
    DNS but it could be that. That is why I recommend cleaning things up
    first, but further investigation leads to the policy issues. We also
    used the Result Group Policy tool that shows kind of general but tries to show the specific area that this policy was coming from. Seriously,
    look more into the policies and the Result Policy tool to reveal
    where this policy is coming from and see if you can disable it or figure out why it is not being set; looks like from what you said that it is auth to the datacenter alright.
    :D