RE: GROUP POLCIY PROBLEM

Tech-Archive recommends: Speed Up your PC by fixing your registry

Here's the problem ... this is a domain controller which is logging the error
on itself (Computer name in the event points to itself).

The clock and time zone are correct. Obviously since it is a DC, I can't
simply rejoin the domain.

Any other suggestions here?

"Ulf B. Simon-Weidner [MVP]" wrote:

> Hi Dan,
>
> this events appear usually if either the time is not right (Windows allows a
> maximum time difference of five minutes between machines on the domain), also
> check that your timezone is set right. You can check this using w32tm /resync
> or /monitor on the client.
> Another possibility is that the clients account in AD has a different
> password than the client stored locally. You can fix this in different ways,
> the easiest is usually just to remove and rejoin the computer account to the
> domain.
>
> You can use the nltest /sc_verify command (support tools) to verify if the
> connection of the client to the domain is OK.
>
> There is also a website where you can check your events and look for
> suggestions:
> http://www.eventid.net/display.asp?eventid=1097&eventno=2126&source=Userenv&phase=1
>
> --
> Gruesse - Sincerely,
>
> Ulf B. Simon-Weidner
> Blog: http://msmvps.com/ulfbsimonweidner
>
>
> "Dan" wrote:
>
> > Hey. I'm getting two event errors every 5 minutes on one of my domain
> > controllers. They are event IDs 1030 and 1097.
> >
> > I've gone through steps in various articles, but nothing is fixing this.
> > Any help would be greatly appreciated.
> >
> > 1030:
> > Event Type: Error
> > Event Source: Userenv
> > Event Category: None
> > Event ID: 1030
> > Date: 10/25/2005
> > Time: 3:34:45 PM
> > User: NT AUTHORITY\SYSTEM
> > Computer: DC1
> > Description:
> > Windows cannot query for the list of Group Policy objects. Check the event
> > log for possible messages previously logged by the policy engine that
> > describes the reason for this.
> >
> > 1097:
> > Event Type: Error
> > Event Source: Userenv
> > Event Category: None
> > Event ID: 1097
> > Date: 10/25/2005
> > Time: 3:34:45 PM
> > User: NT AUTHORITY\SYSTEM
> > Computer: FP1
> > Description:
> > Windows cannot find the machine account, The Local Security Authority cannot
> > be contacted .
.

Relevant Pages

  • Re: Using EFS with Network Shares and SFU 3.5
    ... It does not take EFS into account. ... could again use the sharing server audit logs to see if success ... Read extended attribute and Read data, since the NFS client may ... Windows and *nix clients. ...
    (microsoft.public.windows.server.security)
  • Re: Using one Username to login to TS
    ... The client purchased TS Device CALs ... user account until we found the problem. ... The biggest problem with this setup is profile corruption. ... Computer Configuration - Administrative templates - Windows ...
    (microsoft.public.windows.terminal_services)
  • Re: sharing a printer on one pc for my home network
    ... The way around this is to have a Windows 2000 Server configured ... > the pc with the printer, and gave that account the same ... >>user that is currently logged on at the client. ... >>the server computer, the passwords will have to match ...
    (microsoft.public.win2000.printing)
  • Re: Setting Account Lockout Policies with a NT PDC
    ... When you connect the Win2K client to the the ... the domain account will be ignored simply b/c the ... the NT PDC, simply go to the PDC, open User Manager ... > PDC is a Windows NT Server ...
    (Focus-Microsoft)
  • Re: Vulnerability in IBM Windows XP: default hidden Administrator account allows local Administrator
    ... This is common in most Pre-Installed Windows System. ... > Administrator account allows local Administrator ... IBM Systems with preinstalled Microsoft ...
    (Bugtraq)