Re: Cannot access security settings in Win 2003
From: Mikey_N (brooklynbluster_at_knucklenumbers.com)
Date: 01/27/05
- Next message: Steven L Umbach: "Re: Domain Controller Disaster Recovery"
- Previous message: Thelazyadmin.com: "Re: Domain Controller Disaster Recovery"
- In reply to: Steven L Umbach: "Re: Cannot access security settings in Win 2003"
- Next in thread: Steven L Umbach: "Re: Cannot access security settings in Win 2003"
- Reply: Steven L Umbach: "Re: Cannot access security settings in Win 2003"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 27 Jan 2005 14:41:15 -0500
No I did not have a chance to investigate too much. I will over the weekend.
It's not that important because it is only a small test system and I can
trash it and resinstall if necessary. However I would like to understand and
maybe fix the problem if possible, for my own knowledge and personal
gratification - I write mostly server side code for high volume business
applications but it never hurts to learn something new and sometimes I am
called upon to get involved with someone's network, etc.
Thanks again
-- Feel free to contact me with any questions or concerns. ________________________________________ MN @ Hzn 212-480-7000 x17 "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message news:uX0VNKKBFHA.824@TK2MSFTNGP11.phx.gbl... > Well when frustrated we all tend to blame the source of the frustration, I > can certainly understand that. > > Did you have a change to use the netdiag and dcdiag tools as I suggested. > That could be very helpful in determining the general health of the domain > and domain controller as would verifying the existence of the sysvol share > [very important] and it's permissions. When you go to Network Neighborhood > while logged onto the domain controller you should see the sysvol share and > then be able to drill down to the file referenced as in sysvol\domain > name\policies\31B2...\gpt.ini to see if you can access it. From the > description of your problem it seems as if the sysvol share does not exist, > permissions are too restrictive, or the default domain policy has been > deleted. If the sysvol share does not exist, see the link below on how to > recreate it with a registry modification. If the sysvol share exists but > 31B2F340-016D-11D2-945F-00C04FB984F9 does not exist then the default domain > policy is not linked to the domain or it has been deleted. You can use AD > Users and Computers, select the domain - right click/properties/Group Policy > to see if the default domain GPO is there. If it is not, select "add" to see > if you can find it and then link it to the domain container. If it can not > be found you use the command dcgpofix.exe on the domain controller to > restore it. --- Steve > > http://www.jsiinc.com/SUBG/tip3300/rh3304.htm -- recreate sysvol share. > > "Mikey_N" <Brooklynbluster@KnuckleNumbers.com> wrote in message > news:eqtwGiFBFHA.1392@tk2msftngp13.phx.gbl... > > Thanks for all your help. Maybe I shouldn't blame MS - I am a developer by > > trade not a network professional so I don't have extensive knowledge, just > > what I have picked up over the years from working and developing on MS > > network platforms. It seems something is seriously amiss with the config > > of > > the machine, I found stacks of messages like the following (below at end > > of > > this message) in the applications event log, appearing at 5 minute > > intervals.In addition there is extremely long delay when accessing files > > on > > the DC from workstations - like 5 minutes to browse one small text file. > > That is why I wanted to change the security settings - others have > > reported > > similar problems and were advised to turn off digital signatures on the > > server security policies. I was also experiencing extremely long log on > > times (applyling computer settings.... for about two minutes or more) but > > I > > fixed that by configuring the workstations to point explicitely to the DC > > as > > the DNS server instead of automatic detection. But the file access > > problems > > remain. > > > > > > ____________________________________________________________________ > > > > > > Windows cannot query for the list of Group Policy objects. Check the event > > log for possible messages previously logged by the policy engine that > > describes the reason for this. > > > > For more information, see Help and Support Center at > > http://go.microsoft.com/fwlink/events.asp. > > > > > > ________________________________________________________________________ > > > > Windows cannot access the file gpt.ini for GPO > > CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=MikeyNach > > ,DC=Net. The file must be present at the location > > <\\MikeyNach.Net\sysvol\MikeyNach.Net\Policies\{31B2F340-016D-11D2-945F-00C0 > > 4FB984F9}\gpt.ini>. (The network path was not found. ). Group Policy > > processing aborted. > > > > For more information, see Help and Support Center at > > http://go.microsoft.com/fwlink/events.asp. > > > > > > > > > >
- Next message: Steven L Umbach: "Re: Domain Controller Disaster Recovery"
- Previous message: Thelazyadmin.com: "Re: Domain Controller Disaster Recovery"
- In reply to: Steven L Umbach: "Re: Cannot access security settings in Win 2003"
- Next in thread: Steven L Umbach: "Re: Cannot access security settings in Win 2003"
- Reply: Steven L Umbach: "Re: Cannot access security settings in Win 2003"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
Loading
