Re: Group Policy and DNS
From: Kevin D. Goodknecht [MVP] (admin_at_nospam.WFTX.US)
Date: 06/10/04
- Next message: William Stacey [MVP]: "Re: Secondary backup DNS www record"
- Previous message: Kevin D. Goodknecht [MVP]: "Re: Question on logical DNS structure"
- In reply to: Ron Gallimore: "Group Policy and DNS"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 10 Jun 2004 15:08:48 -0500
In news:23a801c44f1a$52bbcd40$7d02280a@phx.gbl,
Ron Gallimore <rgallimoreREMOVE@younginc.com> posted a question
Then Kevin replied below:
> We have a Win2k Small Business Server with 2 NICs. This
> is our only server so it is doing DNS, DHCP, AD, etc. We
> have been having problems with group policies applying so
> some machines. I narrowed down to a DNS issue, I think.
> The machines that are getting the policies ping the server
> at x.x.x.245 and the machines that are not getting the
> policies ping the server at x.x.x.246. Both addresses are
> valid for the server. I deleted the .246 host record from
> DNS and all of the machines work great however, two weeks
> has gone by and the .246 is back in my DNS server so
> obviously this is not a permanent fix. The machines that
> are affected show the follow 3 errors in the logs:
>
> Event Type: Error
> Event Source: Userenv
> Event Category: None
> Event ID: 1000
> Date: 6/10/2004
> Time: 1:19:35 PM
> User: NT AUTHORITY\SYSTEM
> Computer: DA19
> Description:
> The Group Policy client-side extension Security was passed
> flags (17) and returned a failure status code of (3).
>
> Event Type: Error
> Event Source: Userenv
> Event Category: None
> Event ID: 1000
> Date: 6/10/2004
> Time: 1:19:35 PM
> User: NT AUTHORITY\SYSTEM
> Computer: DA19
> Description:
> Windows cannot access the registry information at
> \\<<domain here>>\sysvol\<<domain
> here>>\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}
> \Machine\registry.pol with (51).
>
> Event Type: Error
> Event Source: SceCli
> Event Category: None
> Event ID: 1001
> Date: 6/10/2004
> Time: 1:19:35 PM
> User: N/A
> Computer: DA19
> Description:
> Security policy cannot be propagated. Cannot access the
> template. Error code = 3.
> \\<<domain here>>\sysvol\<<domain
> here>>\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}
> \Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
>
> From the machines that are not getting the policies, I can
> not browse to that directory but from the machines that
> are getting the policies, I can. Once I deleted that .246
> from DNS, all of the machines could browse. I think I
> have tried most, if not all, of the fixes on Microsoft's
> site. I do not know where to go from here.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ
Values: LdapIpAddress
2. Then manually create the blank host for the internal IP.
You should also check your binding order by right clicking on Network
Places, choose properties then in the Advanced menu select Advanced
settings. Make sure the internal interface is at the top of the connections
pane and that file sharing is enabled.
-- Best regards, Kevin D4 Dad Goodknecht Sr. [MVP] Hope This Helps ============================ -- When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. To respond directly to me remove the nospam. from my email. ========================================== http://www.lonestaramerica.com/ ========================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ ========================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oehelp.com/OEBackup/Default.aspx ==========================================
- Next message: William Stacey [MVP]: "Re: Secondary backup DNS www record"
- Previous message: Kevin D. Goodknecht [MVP]: "Re: Question on logical DNS structure"
- In reply to: Ron Gallimore: "Group Policy and DNS"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
