Access is Denied to W2k3 GPO's - Really Stumped!
- From: a_user <auser@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 27 Jun 2005 17:23:02 -0700
Hello all,
I posted this under Directory Services as well, but I need to target as many
folks as possible asap. Sorry.
Problem: I receive an error when trying to open Group Policy via Group
Policy Manager or from the default GPO editor since upgrading from Windows
2000 SP4 to Windows 2003 SP1 on my Domain Controllers.
Background: Since upgrading my two Windows 2000 SP4 DC servers to Windows
2003 with SP1 I cannot open to edit my gpo’s. On one server I installed the
new GPO Manager, when I try and edit the default domain policy I receive this
message under the settings tab of the administrative template of both
computer and user configurations:
An unknown error occurred while data was gathered for this extension.
Details: Access to the path
"\\acsbackup01.acs2k\sysvol\acs2k\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\adm" is denied.
When I try and edit GPO’s through ADUC on the second win2k3 SP1 domain
controller I get an access denied after being prompted to select the PDC
Emulator server or the current selection server or any writable DC. I have
tried all three. The event viewer is showing tons of 1030 and 1058’s. the
1058’s say the following:
Windows cannot access the file gpt.ini for GPO
CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=acs2k. The
file must be present at the location
<\\acs2k\sysvol\acs2k\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini>. (Access is denied. ). Group Policy processing aborted.
I followed the knowledge base articles windows help pointed to, I called and
received the hotfix but it would not install stating my system is newer then
the patch. Article reference: http://support.microsoft.com/kb/842804/
Also, I physically applied an enterprise admin account to the sysvol folder
as well as the policy folder stated above with FC permissions just to ensure
somehow it wasn’t a permission problem that made no difference. Other things
I have done is stop the DFS Server Service and tried the temp fix it
suggested for purging DFS, made no difference either.
I would really appreciate if someone could help out here – as it stands I
cannot access group policy on my domain controllers as I receive access is
denied, it should be noted I am accessing with an enterprise admin account
and a domain account these two accounts have always worked up to this point.
Thank you!
.
- Prev by Date: Re: MSSQL on WindowsServer2003Web Edition?
- Next by Date: Re: Unknown Account credentials
- Previous by thread: Upgrade advice?
- Next by thread: Cached Credentials Expiring
- Index(es):
Relevant Pages
|
