Group Policies

  recap 13:36 03 Jul 2006

I have just installed Windows 2003 Server, running DCPROM to install AD, this went fine as did the DNS and DHCP configuration. I change the Mode of the server to Native Mode.

Now I am configuring Group Policies for the Domain and Individual OU's.

My problem is that these Policies are not going across the network. Anybody know where I could have gone wrong?

Any advice would be gratefully appreciated.


  spikeychris 14:50 03 Jul 2006

Hello recap, what machines are you propagating to?

  recap 16:00 03 Jul 2006

Hi spikeychris,

There is a mix of W2K and XP Pro.

  spikeychris 16:05 03 Jul 2006

OK, You will be aware that Group Policies refresh at 90-minute intervals so run the command “gpupdate /force” to propagate the policies straight away

Does the policy install? If so you might want to change the refresh rate of the GPO.

click here

  recap 16:08 03 Jul 2006

Thanks spikeychris.

I will have a go at that, will get back if there are any difficulties.


  recap 16:12 03 Jul 2006

I get an Event Error ID# 40961, stating:
"The Security System couild not establish a secured connection with the server DNS/******.net. No authentication protocol was available"

I take it by this message the server is not talking to the DNS server?

  recap 16:15 03 Jul 2006

Two things here, would installing SP4 for W2k on the DC help. Also I did notice there is an Alias in the DNS for the server, should I remove this?

  spikeychris 16:18 03 Jul 2006

Yeah there is a DNS issue. I have never come across that error but I found this.

click here

  spikeychris 16:21 03 Jul 2006

Cross post. Did you do the alias? its just instead of DNS host name. SP4 has been known to chuck things a bit.

  spikeychris 16:25 03 Jul 2006

Have to go for a bit. You could extend the
Active Directory Diagnostic Event Logging process.

click here

  recap 19:08 03 Jul 2006

I deleted the alias in DNS.

Do you recommend the SP4 install?

Looking at the link from your link spickeychris (if you see what I mean), it mentions a W32time error:

"This behavior occurs when you restart the server that was promoted to a domain controller. In this scenario, the Windows Time service (W32Time) tries to authenticate before Directory Services has started"

There is a W32Time error occuring, this started after I downloaded and installed the updates.

If the rest of the article is correct then I should not have any further problems, fingers crossed that is, lol.

I will look at it again tomorrow, I will get back here if there are any other problems.

Thanks for your help spikeychris.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

The Evil Within 2 review-in-progress

Adobe shows still-in-development tools, including automatically colourising black-and-white photos

iPhone X news: Release date, price, new features & specs

Comment transformer un iPhone en borne Wi-Fi ?