Event ID: 1058 - Processing of Group Policy failed.Windows attempted to read file \\domain.com\SysVol\ domain.com \Policies\{xx}\gpt.ini from domain controller and was not successful.

Question

Hi Experts!

Background of issue : We promoted a 2016 AD from 2008 . after being promoted to domain controller we demoted the 2008 using DCpromo. However a few days , we noticed that some sysvol replication is not synchronized on DC01 siteA and DC02 Site B.

What we do is to perform the Force authoritative Synchronization DFSR sysvol replication and it's successfully working. The DFSR sysvol is now replicated on each site DCO1 site A and DC02 site B. Unfortunately, upon pushing "GPUPDATE /force" we encountered a error occurred. which is Processing of Group Policy failed.Windows attempted to read file \domain.com\SysVol\ domain.com \Policies{xx}\gpt.ini from domain controller and was not successful.

Event ID :1058 shows the processing of group policy failed. Windows attempted to read file \domain.com\sysvol\domain.com\Policies{GUID}\gpt.ini From a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:51:56
Event String:

Gpresullt /r

C:\Users\Administrator.Domain.com>gpresult /r

Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
© 2016 Microsoft Corporation. All rights reserved.

Created on 28/07/2020 at 6:41:49 PM

RSOP data for DomainName\Administrator on DC02 Site B : Logging Mode

---

OS Configuration: Primary Domain Controller
OS Version: 10.0.14393
Site Name: MANILA
Roaming Profile: N/A
Local Profile: C:\Users\Administrator.DomainName
Connected over a slow link?: No

COMPUTER SETTINGS

---

CN=DC02,OU=Domain Controllers,DC=DomainName  
Last time Group Policy was applied: 28/07/2020 at 6:36:54 PM  
Group Policy was applied from:      DC01.Domain.com  
Group Policy slow link threshold:   500 kbps  
Domain Name:                        Domain.com  
Domain Type:                        Windows 2008 or later  

Applied Group Policy Objects  
-----------------------------  
    Google_Chrome  
    Default Domain Controllers Policy  
    NTP SERVER(TIME SYNC)  
    NEAR_SITE  
    Certification_Global  
    Firewall  
    Windows10_Block_Apps  
    PET_Default  
    Default Domain Policy  
    MIS_Local_Admin  
    NTP SERVER(TIME SYNC)  

The following GPOs were not applied because they were filtered out  
-------------------------------------------------------------------  
    EV_PC-Restrict  
        Filtering:  Denied (Security)  

    Local Group Policy  
        Filtering:  Not Applied (Empty)  

    WindowsUpdateBlock  
        Filtering:  Denied (Security)  

The computer is a part of the following security groups  
-------------------------------------------------------  
    BUILTIN\Administrators  
    Everyone  
    BUILTIN\Pre-Windows 2000 Compatible Access  
    BUILTIN\Users  
    Windows Authorization Access Group  
    NT AUTHORITY\NETWORK  
    NT AUTHORITY\Authenticated Users  
    This Organization  
    DC01$  
    Domain Controllers  
    NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS  
    Authentication authority asserted identity  
    Denied RODC Password Replication Group  
    System Mandatory Level  

USER SETTINGS

---

CN=Administrator,CN=Users,DC=Domain.com  
Last time Group Policy was applied: 28/07/2020 at 6:01:53 PM  
Group Policy was applied from:      DC01.Domain.com  
Group Policy slow link threshold:   500 kbps  
Domain Name:                        Domain.com  
Domain Type:                        Windows 2008 or later  

Applied Group Policy Objects  
-----------------------------  
    PET COVID19  
    Google_Chrome  
    PET SCREENSAVER  
    Firewall  
     Desktop shortcut  
    Windows10_Block_Apps  
    PET_Default  
    Default Domain Policy  
    Outlook_Cached-Settings  

The following GPOs were not applied because they were filtered out  
-------------------------------------------------------------------  
    Local Group Policy  
        Filtering:  Not Applied (Empty)  

The user is a part of the following security groups  
---------------------------------------------------  
    ERROR: An unexpected error occurred.  

DCDIAG result :

C:\Users\Administrator.Domain.com>dcdiag

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
Home Server = DC01
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: MANILA\DC01
Starting test: Connectivity
......................... DC01 passed test Connectivity

Doing primary tests

Testing server: MANILA\DC01
Starting test: Advertising
......................... DC01 passed test Advertising
Starting test: FrsEvent
......................... DC01passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems.
......................... DC01 passed test DFSREvent
Starting test: SysVolCheck
......................... DC01 passed test SysVolCheck
Starting test: KccEvent
......................... DC010 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC01 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC01 passed test MachineAccount
Starting test: NCSecDesc
......................... DC01 passed test NCSecDesc
Starting test: NetLogons
......................... DC01 passed test NetLogons
Starting test: ObjectsReplicated
......................... DC01 passed test ObjectsReplicated
Starting test: Replications
......................... DC01 passed test Replications
Starting test: RidManager
......................... DC01 passed test RidManager
Starting test: Services
......................... DC010 passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:47:04
Event String:
The processing of Group Policy failed. Windows attempted to read the file \petcad1100\SysVol\petcad1100\Policies{GUID}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:51:56
Event String:
The processing of Group Policy failed. Windows attempted to read the file \Domain.com\SysVol\Domain.com\Policies{GUID}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:52:05
Event String:
The processing of Group Policy failed. Windows attempted to read the file \Domain.com\SysVol\Domain.com\Policies{GUID}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:54:08
Event String:
The processing of Group Policy failed. Windows attempted to read the file \Domain.com\SysVol\Domain.com\Policies{GUID}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 07/28/2020 17:57:05
Event String:

 Running partition tests on : ForestDnsZones  
  Starting test: CheckSDRefDom  
     ......................... ForestDnsZones passed test CheckSDRefDom  
  Starting test: CrossRefValidation  
     ......................... ForestDnsZones passed test CrossRefValidation  

Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation

Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation

Answer 1

Hi,
Based on the information you mentioned , the sysvol replication still have a problem.

Before going further, i would like to confirm he DFSR is that used for sysvol replication. You can make sure that by the command :
dfsrmig.exe /getglobalstate
If the result shows: 3 (ELIMINATED) ,it means DFSR

Then, would you tell which DC is the FSMO holder?You can confirm that by :netdom query fsmo

After the new DC promotion ,did you test the the health of the DC? i would recommend you check the health by command:
Dcdiag /v >c:\dcdiag1.log
Repadmin /showrepl >C:\repl.txt
Repadmin /syncall /APeD

Not sure how did you perform the Force authoritative Synchronization DFSR sysvol replication.If possible, please tell more details or links you referred to.

Note: it is not recommend to post all the logs here due to the security reason and policy.If you find any error messages , you can share a screenshot of that and hide the private information.

Best Regards,

Answer 2

My solution is for when a domain controller is shutdown for long time(more than 60 days).
When domain controller is shutdown for more than 60 days and after power on domain controller is showing replication error with event id 1058. Go to event veiwer-> application -> replication. Look for error with event id 4312. Then there is one solution practically we have done. Firstly you should have snapshot for perticular server. Revert the server with snapshot and power it on. The problem will get solved. This error comes when server is in shut down condition for more than 60 days. The "max value time out for replication" works in this whole picture. After power on for some time this value get changed to recent time. After recreation of server from snapshot the "max time out value for replication" get reset to recent time and server get replication from partner server smoothly.