Re: * 1058 and 1030
From: Mark Renoden [MSFT] (markreno_at_online.microsoft.com)
Date: 06/28/04
- Previous message: ajay: "Re: need a way to import 2000 gp into 2003 server"
- In reply to: Boon Tee: "Re: * 1058 and 1030"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 28 Jun 2004 13:42:09 +1000
Hi Boon
Apologies for not replying earlier. I wasn't monitoring the newsgroup over
the weekend. I'm not able to send the fix directly. Please log a case with
support so that it may be provided in an appropriate manner.
Kind regards
-- Mark Renoden [MSFT] Windows Platform Support Team Email: markreno@online.microsoft.com Please note you'll need to strip ".online" from my email address to email me; I'll post a response back to the group. This posting is provided "AS IS" with no warranties, and confers no rights. "Boon Tee" <anonymous@discussions.microsoft.com> wrote in message news:270b01c45b37$bfab9b00$3501280a@phx.gbl... > Hi Mark, > > I have encountered the exact same scenario. At this stage, > I have checked everything you have listed. I found that I > cannot access any shares from the DC, although they work > fine on other PCs. There is only 1 DC. > > If the patch will work, could you pease email it to me at > bx107@hotmail.com. I cannot contact MS right now, as there > is no one on the phones (weekend), and my domain emails > are down due to the error. > > Regards, > Boon > >>-----Original Message----- >>Hi John >> >>Please try working through the following: >> >>1. That both DC's point to the same server as the > preferred DNS server. >> >>2. Ensure that "Digitally sign server communication > (always)" and "Digitally >>sign server communication (when possible)" match on all > DC's in the "Local >>Security Policy" -> Windows Settings -> Security > Settings -> Local >>Policies -> Security Options. Default settings are: >> >> Microsoft Network Client: Digitally Sign Communication > (always) >> Microsoft Network Client: Digitally Sign Communication > (if server agrees) >> Microsoft Network Server: Digitally Sign Communication > (always) >> Microsoft Network Server: Digitally Sign Communication > (if client agrees) >> >>3. In the "Domain Controller Security Policy", ensure > that Windows >>Settings -> Security Settings -> Local Policies -> User > Rights Assignment -> >>Bypass Traverse Checking includes the "Everyone" group. >> >>4. If any DC's use a Gigabit NIC, try updating the driver > or an alternate >>device? >> >>5. Ensure that the Netlogon service on all DC's is set > to "Automatic" >>startup and that the service is successfully starting. >> >>6. Ensure that the Distributed File System service on all > DC's is set to >>"Automatic" startup and that the service is successfully > starting. >> >>7. Ensure that Administrators and System have Full > Control access to the >>GPT.INI file and the full directory path specified in the > events? >> >>8. Provided you don't currently have anything important > set in the Default >>Domain or Default Domain Controllers policies, try > running the following on >>the PDC emulator. NOTE: This will completely replace > the existing policies >>with the defaults. >> >> dcgpofix /target:both >> >>9. Ensure that Remote Desktop Sharing is not enabled > (Properties of My >>Computer -> Remote Tab -> Uncheck "Allow users to connect > remotely to this >>computer." Click OK. >> >>10. Ensure that Offline Files are enabled (Open Windows > Explorer -> Tools >>Menu -> Folder Options -> Offline Files Tab -> > check "Enable Offline Files" >>and "Synchronize all offline files when logging on."). > Click OK. >> >>Failing these steps, contact Microsoft and request the > hotfix associated >>with knowledge the following knowledge base article: >> >>842804 Group Policy processing does not work and events > 1030 and 1058 are >>http://support.microsoft.com/?id=842804 >> >>Ensure that you add the registry value mentioned at the > end of the article. >> >>Kind regards >>-- >>Mark Renoden [MSFT] >>Windows Platform Support Team >>Email: markreno@online.microsoft.com >> >>Please note you'll need to strip ".online" from my email > address to email >>me; I'll post a response back to the group. >> >>This posting is provided "AS IS" with no warranties, and > confers no rights. >> >>"John" <anonymous@discussions.microsoft.com> wrote in > message >>news:1f2d701c457d1$604cbe00$a301280a@phx.gbl... >>> We keep on getting error in event log on our 2003 Server >>> DC. The error 1058 Windows caanot access the file >>> gpt.ini for GPO CN={AED8...} ... The file must be > present >>> at the location... (Access is denied). Group Policy >>> processing aborted. Then acompanied by error 1030 >>> Windows cannot query for the list of Group Policy >>> Objects... >>> >>> This errors keep on recurring every 5 minutes. We tried >>> fixing it by performing the steps in Knowledge Base >>> Article 830676 (dfsutil /PurgeMupCache) but it did not >>> resolve the problem. We also put the following entries >>> in HOSTS file: >>> 192.168.1.xxx domain.com (first DC) >>> 192.168.1.xxx domain.com (second DC) >>> but still did not resolve the problem. When we use "net >>> use * \\server\sharedname" command it prompt us to enter >>> user id and password, but could not map the network > drive. >>> >>> We searched the Internet and at this point there seems > to >>> be no resolution this problem. Does anyone have any > idea? >>> >>> John >> >> >>. >>
- Previous message: ajay: "Re: need a way to import 2000 gp into 2003 server"
- In reply to: Boon Tee: "Re: * 1058 and 1030"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
