本文有助于解决更新组策略设置时出现的“LDAP 绑定函数调用失败”错误。
使用 gpupdate 命令更新组策略设置时,会收到以下错误:
C:\Windows\system32>gpupdate
Updating policy...
Computer policy could not be updated successfully. The following errors were encountered:
The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
User Policy could not be updated successfully. The following errors were encountered: The processing of Group Policy failed. Windows could not authenticate the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.
To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.
在域控制器上,与从网络组策略设置访问此计算机关联的用户权限缺少SeNetworkLogonRight默认原则。 该策略位于本地组策略编辑器中的计算机配置>Windows 设置>安全设置>本地策略>用户权限分配下。
在此方案中,默认域策略通过默认域控制器策略强制执行。 然后,默认域策略显示从网络组策略设置访问此计算机的用户权限分配不正确。
若要解决此问题,请确保添加适当的原则,并确保设置在域控制器上有效,如从网络安全策略设置访问此计算机中所述。 然后,重启域控制器。