Cleaning up Group Policies

M

mhoneycutt

I have a Windows 2000 domain, where the domain controller was re-dated
multiple times. There are actually 5 group policies, but the folder
C:\WINNT\SYSVOL\sysvol\domain.name has over 500 folders of policies
with inside each.

I ended up doing an authoritative System State restore, to get
replication running again between the DC's. But I still have those 500
plus folders....

These folders seem to be variants of the real GPO's.
Policies_NTFRS_0001294d
Policies_NTFRS_0001294d_NTFRS_00021fd2
Policies_NTFRS_0001294d_NTFRS_00021fd2_NTFRS_0001e2c9
Policies_NTFRS_0001294d_NTFRS_00021fd2_NTFRS_0001e2c9_NTFRS_00021a35
Policies_NTFRS_0001294d_NTFRS_00021fd2_NTFRS_0001e2c9_NTFRS_00021a35_NTFRS_0003ec36

And so on -
After replication completed I am aslo receiving this error regularly:
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 3/13/2006
Time: 4:17:09 AM
User: NT AUTHORITY\SYSTEM
Computer: SVRLR04
Description:
Windows cannot access the file gpt.ini for GPO The file must be
present at the location <>. (). Group Policy processing aborted.

Looking inside the above referenced folders - only some of the 5
policies show under the various folders, except the first. It seems to
have the 5 GUID's shown in Active Directory\Users &
Computers\System\Policies.

Any recommendations on how to clean this mess up will be greatly
appreciated.
 
G

Guest

How many DCs? If it's not significant (< 10) here's what you do:

1.) Stop the File Replication Service on ALL your DCs
2.) Clean up the sysvol on your PDC Emulator so that it only contains
policies and scripts, get rid of the other ones (the morphs)
3.) Set the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup\Burflags to d4 on the PDC Emulator
4.) Start the File replication service on the PDC Emulator and wait for a
13516 event in your File Replication Service log
5.) Set the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process
at Startup\Burflags to d2 on an additional domain controller and Start the
File Replication Service on it
6.) Wait for 13516 in the file replication service log on that additional DC
7.) Repeat 5&6 for each additional DC until you are done.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

GPO Error after migration from 2000sp4 to 2003 3
Problem with distribuiting policies 2
XP PC's will not Process GPO's 5
Scripts ProcessGroupPolicy 4
group policy problem!!! 5
Error 1058 and 1030 on Clients 17
Troubles Restoring System State from Back Up 1
Error 1058 and 1030 in Application Log 1

Top