Event ID:1000 - Windows cannot process extension Registry ProcessGroupPolicy. Return value (0x800040

L

lefort

Does anyone know how to get rid of this error? I'm receiving this in a
Server that runs, DC; DNS; DHCP services (it's showing on
EventViewer\application every 5 minutes)
++++++++++++++++++++++++++++++++++++++++++++++++++++++
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 9/11/2006
Time: 9:05:32 PM
User: NT AUTHORITY\SYSTEM
Computer: LAW-DC
Description:
Windows cannot process extension Registry ProcessGroupPolicy. Return
value (0x80004005).
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++

thanks,
 
H

Harj

Hi,

This error is due to a corrupt registry.pol file within a group policy.
There is no workaround for this issue. You must re-create the
Registry.pol file
If you enable userenv debugging it will give the group policy that the
error is occurring on.

How to enable user environment debug logging
http://support.microsoft.com/kb/221833/

You will have to remove the bad registry.pol file it mentions in the
debug logs.
You will loss any custom settings that are configured under the
\Computer\Administrative templates portion, but they can be added back
if documented.

Find out what policy this error is occurring on and rename the
registry.pol from the following
C:\Winnt\sysvol\domain\policies\"GUID of policy in the logs"\machine.
DOCUMENT THE SETTINGS BEFORE DOING THE ABOVE FROM THE POLICY

Open up GPMC and edit the policy from above, make a minor change under
Computer
Configuration\Administrative Templates to build a new registry.pol
file.

Reapply the group policies on this machine to see if the errors do not
show up.

Good luck

Harj Singh
Power Your Active Directory Investment
www.specopssoft.com
 
L

lefort

Harj:
I enable the debug and found the policy with issue. I unlinked and
disable this policy after create a new one to replace (it was a
"Default Domain Controller Policy"). However I'm still having the same
event error and I cannot found any problem on usernev.log any more. I
cannot delete the policy through GPMC. I though somehow I lost the
rights, so I create another policy and deleted without any problem.
That means that I'm only unable to delete that problem that I had the
issue. Do you know how to delete a policy in a enforced way (files;
registries; etc...)?

This is how the log was before take out the bad object:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
"USERENV(104.868) 10:40:47:456 ProcessGPOs: Starting computer Group
Policy processing...
USERENV(104.868) 10:40:47:456 ProcessGPOs:
USERENV(104.868) 10:40:47:456 ProcessGPOs:
USERENV(104.868) 10:40:47:456 EnterCriticalPolicySection: Machine
critical section has been claimed. Handle = 0x694
USERENV(104.868) 10:40:47:456 ProcessGPOs: Machine role is 3.
USERENV(104.868) 10:40:47:471 PingComputer: PingBufferSize set as 2048
USERENV(104.868) 10:40:47:471 PingComputer: First time: 0
USERENV(104.868) 10:40:47:471 PingComputer: Fast link. Exiting.
USERENV(104.868) 10:40:47:471 ProcessGPOs: User name is:
CN=LAW-DC,OU=Domain Controllers,DC=clo-ks,DC=org, Domain name is:
CLO-KS
USERENV(104.868) 10:40:47:471 ProcessGPOs: Domain controller is:
\\law-dc.clo-ks.org Domain DN is clo-ks.org
USERENV(104.868) 10:40:47:471 ProcessGPOs: Calling GetGPOInfo for
normal policy mode
USERENV(104.868) 10:40:47:487 GetGPOInfo:
********************************
USERENV(104.868) 10:40:47:487 GetGPOInfo: Entering...
USERENV(104.868) 10:40:47:487 GetGPOInfo: Server connection
established.
USERENV(104.868) 10:40:47:503 GetGPOInfo: Bound successfully.
USERENV(104.868) 10:40:47:503 SearchDSObject: Searching <OU=Domain
Controllers,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:503 SearchDSObject: Found GPO(s):
<[LDAP://cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org;0][LDAP://CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=clo-ks,DC=org;0]>
USERENV(104.868) 10:40:47:503 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:503 ProcessGPO: Deferring search for
<LDAP://cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:503 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:503 ProcessGPO: Deferring search for
<LDAP://CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:518 SearchDSObject: Searching
<DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:518 SearchDSObject: Found GPO(s):
<[LDAP://CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org;0]>
USERENV(104.868) 10:40:47:518 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:518 ProcessGPO: Deferring search for
<LDAP://CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:534 SearchDSObject: Searching
<CN=CLO-KS,CN=Sites,CN=Configuration,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:534 SearchDSObject: Found GPO(s): < >
USERENV(104.868) 10:40:47:534 EvaluateDeferredGPOs: Searching for GPOs
in cn=policies,cn=system,DC=clo-ks,DC=org
USERENV(104.868) 10:40:47:549 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:549 ProcessGPO: Searching
<CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:549 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 10:40:47:549 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 10:40:47:549 ProcessGPO: Found file system path of:
<\\clo-ks.org\SysVol\clo-ks.org\Policies\{180F29B9-48CF-4945-99DF-1DDCCE88C0BE}>
USERENV(104.868) 10:40:47:549 ProcessGPO: Found common name of:
<{180F29B9-48CF-4945-99DF-1DDCCE88C0BE}>
USERENV(104.868) 10:40:47:565 ProcessGPO: Found display name of:
<Default GP>
USERENV(104.868) 10:40:47:565 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 10:40:47:565 ProcessGPO: Found flags of: 0
USERENV(104.868) 10:40:47:565 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
USERENV(104.868) 10:40:47:565 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:565 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:565 ProcessGPO: Searching
<cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:581 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 10:40:47:581 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 10:40:47:581 ProcessGPO: Found file system path of:
<\\clo-ks.org\sysvol\clo-ks.org\Policies\{9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC}>
USERENV(104.868) 10:40:47:581 ProcessGPO: Found common name of:
<{9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC}>
USERENV(104.868) 10:40:47:581 ProcessGPO: Found display name of:
<WSUS_server>
USERENV(104.868) 10:40:47:596 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 10:40:47:596 ProcessGPO: Found flags of: 1
USERENV(104.868) 10:40:47:596 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
USERENV(104.868) 10:40:47:596 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:596 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:596 ProcessGPO: Searching
<CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:596 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 10:40:47:596 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 10:40:47:612 ProcessGPO: Found file system path of:
<\\clo-ks.org\sysvol\clo-ks.org\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}>
USERENV(104.868) 10:40:47:612 ProcessGPO: Found common name of:
<{6AC1786C-016F-11D2-945F-00C04fB984F9}>
USERENV(104.868) 10:40:47:612 ProcessGPO: Found display name of:
<Default Domain Controllers Policy>
USERENV(104.868) 10:40:47:612 ProcessGPO: Found machine version of:
GPC is 70, GPT is 70
USERENV(104.868) 10:40:47:612 ProcessGPO: Found flags of: 1
USERENV(104.868) 10:40:47:628 ProcessGPO: Found extensions:
[{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
USERENV(104.868) 10:40:47:628 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:628 GetGPOInfo: Leaving with 1
USERENV(104.868) 10:40:47:643 GetGPOInfo:
********************************
USERENV(104.868) 10:40:47:643 ProcessGPOs: OpenThreadToken failed with
error 1008, assuming thread is not impersonating
USERENV(104.868) 10:40:47:643 ProcessGPOs: -----------------------
USERENV(104.868) 10:40:47:643 ProcessGPOs: Processing extension
Registry
USERENV(104.868) 10:40:47:643 CheckForGPOsToRemove: GPO <Default Domain
Controllers Policy> needs to be removed

USERENV(104.868) 10:40:47:721 ProcessGPOs: -----------------------
USERENV(104.868) 10:40:47:721 ProcessGPOs: -----------------------"

a
Thanks,


Hi,

This error is due to a corrupt registry.pol file within a group policy.
There is no workaround for this issue. You must re-create the
Registry.pol file
If you enable userenv debugging it will give the group policy that the
error is occurring on.

How to enable user environment debug logging
http://support.microsoft.com/kb/221833/

You will have to remove the bad registry.pol file it mentions in the
debug logs.
You will loss any custom settings that are configured under the
\Computer\Administrative templates portion, but they can be added back
if documented.

Find out what policy this error is occurring on and rename the
registry.pol from the following
C:\Winnt\sysvol\domain\policies\"GUID of policy in the logs"\machine.
DOCUMENT THE SETTINGS BEFORE DOING THE ABOVE FROM THE POLICY

Open up GPMC and edit the policy from above, make a minor change under
Computer
Configuration\Administrative Templates to build a new registry.pol
file.

Reapply the group policies on this machine to see if the errors do not
show up.

Good luck

Harj Singh
Power Your Active Directory Investment
www.specopssoft.com
Click to expand...

Debug Results Now:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
USERENV(104.868) 15:32:00:649 ProcessGPOs: Starting computer Group
Policy processing...
USERENV(104.868) 15:32:00:649 ProcessGPOs:
USERENV(104.868) 15:32:00:649 ProcessGPOs:
USERENV(104.868) 15:32:00:649 EnterCriticalPolicySection: Machine
critical section has been claimed. Handle = 0x694
USERENV(104.868) 15:32:00:649 ProcessGPOs: Machine role is 3.
USERENV(104.868) 15:32:00:649 PingComputer: PingBufferSize set as 2048
USERENV(104.868) 15:32:00:664 PingComputer: First time: 0
USERENV(104.868) 15:32:00:664 PingComputer: Fast link. Exiting.
USERENV(104.868) 15:32:00:664 ProcessGPOs: User name is:
CN=LAW-DC,OU=Domain Controllers,DC=clo-ks,DC=org, Domain name is:
CLO-KS
USERENV(104.868) 15:32:00:664 ProcessGPOs: Domain controller is:
\\law-dc.clo-ks.org Domain DN is clo-ks.org
USERENV(104.868) 15:32:00:664 ProcessGPOs: Calling GetGPOInfo for
normal policy mode
USERENV(104.868) 15:32:00:664 GetGPOInfo:
********************************
USERENV(104.868) 15:32:00:664 GetGPOInfo: Entering...
USERENV(104.868) 15:32:00:680 GetGPOInfo: Server connection
established.
USERENV(104.868) 15:32:00:680 GetGPOInfo: Bound successfully.
USERENV(104.868) 15:32:00:680 SearchDSObject: Searching <OU=Domain
Controllers,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:680 SearchDSObject: Found GPO(s):
<[LDAP://cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org;0][LDAP://cn={27C0ADE8-E3BF-4000-A46C-9D149CBC1D25},cn=policies,cn=system,DC=clo-ks,DC=org;0]>
USERENV(104.868) 15:32:00:695 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:695 ProcessGPO: Deferring search for
<LDAP://cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:695 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:695 ProcessGPO: Deferring search for
<LDAP://cn={27C0ADE8-E3BF-4000-A46C-9D149CBC1D25},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:695 SearchDSObject: Searching
<DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:695 SearchDSObject: Found GPO(s):
<[LDAP://CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org;0]>
USERENV(104.868) 15:32:00:695 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:695 ProcessGPO: Deferring search for
<LDAP://CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:711 SearchDSObject: Searching
<CN=CLO-KS,CN=Sites,CN=Configuration,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:711 SearchDSObject: Found GPO(s): < >
USERENV(104.868) 15:32:00:711 EvaluateDeferredGPOs: Searching for GPOs
in cn=policies,cn=system,DC=clo-ks,DC=org
USERENV(104.868) 15:32:00:711 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:727 ProcessGPO: Searching
<CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:727 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 15:32:00:727 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 15:32:00:727 ProcessGPO: Found file system path of:
<\\clo-ks.org\SysVol\clo-ks.org\Policies\{180F29B9-48CF-4945-99DF-1DDCCE88C0BE}>
USERENV(104.868) 15:32:00:742 ProcessGPO: Found common name of:
<{180F29B9-48CF-4945-99DF-1DDCCE88C0BE}>
USERENV(104.868) 15:32:00:742 ProcessGPO: Found display name of:
<Default GP>
USERENV(104.868) 15:32:00:742 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 15:32:00:742 ProcessGPO: Found flags of: 0
USERENV(104.868) 15:32:00:742 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
USERENV(104.868) 15:32:00:742 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:742 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:742 ProcessGPO: Searching
<cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:758 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 15:32:00:758 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 15:32:00:758 ProcessGPO: Found file system path of:
<\\clo-ks.org\sysvol\clo-ks.org\Policies\{9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC}>
USERENV(104.868) 15:32:00:758 ProcessGPO: Found common name of:
<{9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC}>
USERENV(104.868) 15:32:00:758 ProcessGPO: Found display name of:
<WSUS_server>
USERENV(104.868) 15:32:00:758 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 15:32:00:758 ProcessGPO: Found flags of: 1
USERENV(104.868) 15:32:00:758 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
USERENV(104.868) 15:32:00:774 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:774 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:774 ProcessGPO: Searching
<cn={27C0ADE8-E3BF-4000-A46C-9D149CBC1D25},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:774 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 15:32:00:774 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 15:32:00:774 ProcessGPO: Found file system path of:
<\\clo-ks.org\sysvol\clo-ks.org\Policies\{27C0ADE8-E3BF-4000-A46C-9D149CBC1D25}>
USERENV(104.868) 15:32:00:774 ProcessGPO: Found common name of:
<{27C0ADE8-E3BF-4000-A46C-9D149CBC1D25}>
USERENV(104.868) 15:32:00:774 ProcessGPO: Found display name of:
<Copy of Default Domain Controllers Policy>
USERENV(104.868) 15:32:00:789 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 15:32:00:789 ProcessGPO: Found flags of: 1
USERENV(104.868) 15:32:00:789 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
USERENV(104.868) 15:32:00:789 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:789 GetGPOInfo: Leaving with 1
USERENV(104.868) 15:32:00:789 GetGPOInfo:
********************************
USERENV(104.868) 15:32:00:789 ProcessGPOs: OpenThreadToken failed with
error 1008, assuming thread is not impersonating
USERENV(104.868) 15:32:00:805 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:805 ProcessGPOs: Processing extension
Registry
USERENV(104.868) 15:32:00:805 CheckForGPOsToRemove: GPO <Default Domain
Controllers Policy> needs to be removed
USERENV(104.868) 15:32:00:805 GetDeletedGPOList: Finished.
USERENV(104.868) 15:32:00:805 ProcessGPOList: Entering for extension
Registry
USERENV(104.868) 15:32:00:805 ResetPolicies: Entering.
USERENV(104.868) 15:32:00:805 SetRegPermissionsOnPoliciesKey: Resetting
permission on the policy key
USERENV(104.868) 15:32:00:805 SetRegPermissionsOnPoliciesKey: Resetting
permission on the policy key
USERENV(104.868) 15:32:00:805 ParseRegistryFile: Entering with
<C:\Documents and Settings\All Users\ntuser.pol>.
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\SystemCertificates\EFS\EFSBlob
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\SystemCertificates\EFS\Certificates\D7F6F3785A9A613561CBA6F5D3A43F255BB26E44\Blob
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\SystemCertificates\EFS\CRLs\
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\SystemCertificates\EFS\CTLs\
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\WUServer
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\WUStatusServer
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoUpdate
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\AUOptions
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallDay
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallTime
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\UseWUServer
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\RescheduleWaitTime
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoRebootWithLoggedOnUsers
USERENV(104.868) 15:32:00:836 ParseRegistryFile: Leaving.
USERENV(104.868) 15:32:00:852 ResetPolicies: Leaving.
USERENV(104.868) 15:32:00:852 ProcessGPORegistryPolicy: Failed to
create archive file with 5
USERENV(104.868) 15:32:00:852 ProcessGPOList: ProcessGPORegistryPolicy
failed.
USERENV(104.868) 15:32:00:852 ProcessGPOs: Extension Registry
ProcessGroupPolicy failed, status 0x80004005.
USERENV(104.868) 15:32:00:852 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:852 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:852 ProcessGPOs: Processing extension Folder
Redirection
USERENV(104.868) 15:32:00:867 ProcessGPOs: Extension Folder Redirection
skipped with flags 0x10007.
USERENV(104.868) 15:32:00:867 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:867 ProcessGPOs: Processing extension
Microsoft Disk Quota
USERENV(104.868) 15:32:00:867 ProcessGPOs: Extension Microsoft Disk
Quota skipped with flags 0x10007.
USERENV(104.868) 15:32:00:867 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:867 ProcessGPOs: Processing extension Scripts
USERENV(104.868) 15:32:00:867 CompareGPOLists: The lists are the same.
USERENV(104.868) 15:32:00:867 CheckGPOs: No GPO changes but couldn't
read extension Scripts's status or policy time.
USERENV(104.868) 15:32:00:867 ProcessGPOs: Extension Scripts skipped
because both deleted and changed GPO lists are empty.
USERENV(104.868) 15:32:00:867 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:883 ProcessGPOs: Processing extension
Security
USERENV(104.868) 15:32:00:883 CompareGPOLists: The lists are the same.
USERENV(104.868) 15:32:00:883 CheckGPOs: No GPO changes and no security
group membership change and extension Security has NoGPOChanges set.
USERENV(104.868) 15:32:00:883 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:883 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:883 ProcessGPOs: Processing extension
Internet Explorer Branding
USERENV(104.868) 15:32:00:883 ProcessGPOs: Extension Internet Explorer
Branding skipped with flags 0x10007.
USERENV(104.868) 15:32:00:883 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:883 ProcessGPOs: Processing extension EFS
recovery
USERENV(104.868) 15:32:00:883 CompareGPOLists: The lists are the same.
USERENV(104.868) 15:32:00:883 CheckGPOs: No GPO changes and no security
group membership change and extension EFS recovery has NoGPOChanges
set.
USERENV(104.868) 15:32:00:899 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:899 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:899 ProcessGPOs: Processing extension
Application Management
USERENV(104.868) 15:32:00:899 ProcessGPOs: Extension Application
Management skipped with flags 0x10007.
USERENV(104.868) 15:32:00:899 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:899 ProcessGPOs: Processing extension IP
Security
USERENV(104.868) 15:32:00:899 CompareGPOLists: The lists are the same.
USERENV(104.868) 15:32:00:899 CheckGPOs: No GPO changes but couldn't
read extension IP Security's status or policy time.
USERENV(104.868) 15:32:00:899 ProcessGPOs: Extension IP Security
skipped because both deleted and changed GPO lists are empty.
USERENV(104.868) 15:32:00:899 LeaveCriticalPolicySection: Critical
section 0x694 has been released.
USERENV(104.868) 15:32:00:914 ProcessGPOs: Computer Group Policy has
been applied.
USERENV(104.868) 15:32:00:914 ProcessGPOs: Leaving with 1.
USERENV(104.868) 15:32:00:914 GPOThread: Next refresh will happen in 5
minutes
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
H

Harj

Hi,
USERENV(104.868) 10:40:47:643 CheckForGPOsToRemove: GPO <Default Domain
Controllers Policy> needs to be removed
Click to expand...
This indicates there are settings enabled from the old policy that are
not disabled.

Never delete the default domain controllers policy as this will cause
serious issues with your DC's.
Seems like there is a tattooing issue here now.
Please enable your Default domain controller policy and relink it to
your Domain controller's OU.
I never mentioned to disable the policy as the error seems to pretain
to the registry.pol within the policy.
After linking the original policy, refresh the group policy on the
domain controller and rename the registry.pol from the Default domain
controllers policy.
Make a minor change under Configuration\Administrative Templates to
build a new registry.pol
file and refresh the policy again.
After that, look for errors.
Let's not create an issue while trying to resolve a different issue..
:)

Good luck

Harj Singh
Power Your Active Directory Invesment
www.specopssoft.com



Harj:
I enable the debug and found the policy with issue. I unlinked and
disable this policy after create a new one to replace (it was a
"Default Domain Controller Policy"). However I'm still having the same
event error and I cannot found any problem on usernev.log any more. I
cannot delete the policy through GPMC. I though somehow I lost the
rights, so I create another policy and deleted without any problem.
That means that I'm only unable to delete that problem that I had the
issue. Do you know how to delete a policy in a enforced way (files;
registries; etc...)?

This is how the log was before take out the bad object:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
"USERENV(104.868) 10:40:47:456 ProcessGPOs: Starting computer Group
Policy processing...
USERENV(104.868) 10:40:47:456 ProcessGPOs:
USERENV(104.868) 10:40:47:456 ProcessGPOs:
USERENV(104.868) 10:40:47:456 EnterCriticalPolicySection: Machine
critical section has been claimed. Handle = 0x694
USERENV(104.868) 10:40:47:456 ProcessGPOs: Machine role is 3.
USERENV(104.868) 10:40:47:471 PingComputer: PingBufferSize set as 2048
USERENV(104.868) 10:40:47:471 PingComputer: First time: 0
USERENV(104.868) 10:40:47:471 PingComputer: Fast link. Exiting.
USERENV(104.868) 10:40:47:471 ProcessGPOs: User name is:
CN=LAW-DC,OU=Domain Controllers,DC=clo-ks,DC=org, Domain name is:
CLO-KS
USERENV(104.868) 10:40:47:471 ProcessGPOs: Domain controller is:
\\law-dc.clo-ks.org Domain DN is clo-ks.org
USERENV(104.868) 10:40:47:471 ProcessGPOs: Calling GetGPOInfo for
normal policy mode
USERENV(104.868) 10:40:47:487 GetGPOInfo:
********************************
USERENV(104.868) 10:40:47:487 GetGPOInfo: Entering...
USERENV(104.868) 10:40:47:487 GetGPOInfo: Server connection
established.
USERENV(104.868) 10:40:47:503 GetGPOInfo: Bound successfully.
USERENV(104.868) 10:40:47:503 SearchDSObject: Searching <OU=Domain
Controllers,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:503 SearchDSObject: Found GPO(s):
<[LDAP://cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org;0][LDAP://CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=clo-ks,DC=org;0]>
USERENV(104.868) 10:40:47:503 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:503 ProcessGPO: Deferring search for
<LDAP://cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:503 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:503 ProcessGPO: Deferring search for
<LDAP://CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:518 SearchDSObject: Searching
<DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:518 SearchDSObject: Found GPO(s):
<[LDAP://CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org;0]>
USERENV(104.868) 10:40:47:518 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:518 ProcessGPO: Deferring search for
<LDAP://CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:534 SearchDSObject: Searching
<CN=CLO-KS,CN=Sites,CN=Configuration,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:534 SearchDSObject: Found GPO(s): < >
USERENV(104.868) 10:40:47:534 EvaluateDeferredGPOs: Searching for GPOs
in cn=policies,cn=system,DC=clo-ks,DC=org
USERENV(104.868) 10:40:47:549 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:549 ProcessGPO: Searching
<CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:549 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 10:40:47:549 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 10:40:47:549 ProcessGPO: Found file system path of:
<\\clo-ks.org\SysVol\clo-ks.org\Policies\{180F29B9-48CF-4945-99DF-1DDCCE88C0BE}>
USERENV(104.868) 10:40:47:549 ProcessGPO: Found common name of:
<{180F29B9-48CF-4945-99DF-1DDCCE88C0BE}>
USERENV(104.868) 10:40:47:565 ProcessGPO: Found display name of:
<Default GP>
USERENV(104.868) 10:40:47:565 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 10:40:47:565 ProcessGPO: Found flags of: 0
USERENV(104.868) 10:40:47:565 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
USERENV(104.868) 10:40:47:565 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:565 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:565 ProcessGPO: Searching
<cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:581 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 10:40:47:581 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 10:40:47:581 ProcessGPO: Found file system path of:
<\\clo-ks.org\sysvol\clo-ks.org\Policies\{9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC}>
USERENV(104.868) 10:40:47:581 ProcessGPO: Found common name of:
<{9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC}>
USERENV(104.868) 10:40:47:581 ProcessGPO: Found display name of:
<WSUS_server>
USERENV(104.868) 10:40:47:596 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 10:40:47:596 ProcessGPO: Found flags of: 1
USERENV(104.868) 10:40:47:596 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
USERENV(104.868) 10:40:47:596 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:596 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:596 ProcessGPO: Searching
<CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 10:40:47:596 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 10:40:47:596 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 10:40:47:612 ProcessGPO: Found file system path of:
<\\clo-ks.org\sysvol\clo-ks.org\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}>
USERENV(104.868) 10:40:47:612 ProcessGPO: Found common name of:
<{6AC1786C-016F-11D2-945F-00C04fB984F9}>
USERENV(104.868) 10:40:47:612 ProcessGPO: Found display name of:
<Default Domain Controllers Policy>
USERENV(104.868) 10:40:47:612 ProcessGPO: Found machine version of:
GPC is 70, GPT is 70
USERENV(104.868) 10:40:47:612 ProcessGPO: Found flags of: 1
USERENV(104.868) 10:40:47:628 ProcessGPO: Found extensions:
[{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
USERENV(104.868) 10:40:47:628 ProcessGPO:
==============================
USERENV(104.868) 10:40:47:628 GetGPOInfo: Leaving with 1
USERENV(104.868) 10:40:47:643 GetGPOInfo:
********************************
USERENV(104.868) 10:40:47:643 ProcessGPOs: OpenThreadToken failed with
error 1008, assuming thread is not impersonating
USERENV(104.868) 10:40:47:643 ProcessGPOs: -----------------------
USERENV(104.868) 10:40:47:643 ProcessGPOs: Processing extension
Registry
USERENV(104.868) 10:40:47:643 CheckForGPOsToRemove: GPO <Default Domain
Controllers Policy> needs to be removed

USERENV(104.868) 10:40:47:721 ProcessGPOs: -----------------------
USERENV(104.868) 10:40:47:721 ProcessGPOs: -----------------------"

a
Thanks,


Hi,

This error is due to a corrupt registry.pol file within a group policy.
There is no workaround for this issue. You must re-create the
Registry.pol file
If you enable userenv debugging it will give the group policy that the
error is occurring on.

How to enable user environment debug logging
http://support.microsoft.com/kb/221833/

You will have to remove the bad registry.pol file it mentions in the
debug logs.
You will loss any custom settings that are configured under the
\Computer\Administrative templates portion, but they can be added back
if documented.

Find out what policy this error is occurring on and rename the
registry.pol from the following
C:\Winnt\sysvol\domain\policies\"GUID of policy in the logs"\machine.
DOCUMENT THE SETTINGS BEFORE DOING THE ABOVE FROM THE POLICY

Open up GPMC and edit the policy from above, make a minor change under
Computer
Configuration\Administrative Templates to build a new registry.pol
file.

Reapply the group policies on this machine to see if the errors do not
show up.

Good luck

Harj Singh
Power Your Active Directory Investment
www.specopssoft.com
Click to expand...

Debug Results Now:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
USERENV(104.868) 15:32:00:649 ProcessGPOs: Starting computer Group
Policy processing...
USERENV(104.868) 15:32:00:649 ProcessGPOs:
USERENV(104.868) 15:32:00:649 ProcessGPOs:
USERENV(104.868) 15:32:00:649 EnterCriticalPolicySection: Machine
critical section has been claimed. Handle = 0x694
USERENV(104.868) 15:32:00:649 ProcessGPOs: Machine role is 3.
USERENV(104.868) 15:32:00:649 PingComputer: PingBufferSize set as 2048
USERENV(104.868) 15:32:00:664 PingComputer: First time: 0
USERENV(104.868) 15:32:00:664 PingComputer: Fast link. Exiting.
USERENV(104.868) 15:32:00:664 ProcessGPOs: User name is:
CN=LAW-DC,OU=Domain Controllers,DC=clo-ks,DC=org, Domain name is:
CLO-KS
USERENV(104.868) 15:32:00:664 ProcessGPOs: Domain controller is:
\\law-dc.clo-ks.org Domain DN is clo-ks.org
USERENV(104.868) 15:32:00:664 ProcessGPOs: Calling GetGPOInfo for
normal policy mode
USERENV(104.868) 15:32:00:664 GetGPOInfo:
********************************
USERENV(104.868) 15:32:00:664 GetGPOInfo: Entering...
USERENV(104.868) 15:32:00:680 GetGPOInfo: Server connection
established.
USERENV(104.868) 15:32:00:680 GetGPOInfo: Bound successfully.
USERENV(104.868) 15:32:00:680 SearchDSObject: Searching <OU=Domain
Controllers,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:680 SearchDSObject: Found GPO(s):
<[LDAP://cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org;0][LDAP://cn={27C0ADE8-E3BF-4000-A46C-9D149CBC1D25},cn=policies,cn=system,DC=clo-ks,DC=org;0]>
USERENV(104.868) 15:32:00:695 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:695 ProcessGPO: Deferring search for
<LDAP://cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:695 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:695 ProcessGPO: Deferring search for
<LDAP://cn={27C0ADE8-E3BF-4000-A46C-9D149CBC1D25},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:695 SearchDSObject: Searching
<DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:695 SearchDSObject: Found GPO(s):
<[LDAP://CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org;0]>
USERENV(104.868) 15:32:00:695 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:695 ProcessGPO: Deferring search for
<LDAP://CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:711 SearchDSObject: Searching
<CN=CLO-KS,CN=Sites,CN=Configuration,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:711 SearchDSObject: Found GPO(s): < >
USERENV(104.868) 15:32:00:711 EvaluateDeferredGPOs: Searching for GPOs
in cn=policies,cn=system,DC=clo-ks,DC=org
USERENV(104.868) 15:32:00:711 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:727 ProcessGPO: Searching
<CN={180F29B9-48CF-4945-99DF-1DDCCE88C0BE},CN=Policies,CN=System,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:727 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 15:32:00:727 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 15:32:00:727 ProcessGPO: Found file system path of:
<\\clo-ks.org\SysVol\clo-ks.org\Policies\{180F29B9-48CF-4945-99DF-1DDCCE88C0BE}>
USERENV(104.868) 15:32:00:742 ProcessGPO: Found common name of:
<{180F29B9-48CF-4945-99DF-1DDCCE88C0BE}>
USERENV(104.868) 15:32:00:742 ProcessGPO: Found display name of:
<Default GP>
USERENV(104.868) 15:32:00:742 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 15:32:00:742 ProcessGPO: Found flags of: 0
USERENV(104.868) 15:32:00:742 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
USERENV(104.868) 15:32:00:742 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:742 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:742 ProcessGPO: Searching
<cn={9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:758 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 15:32:00:758 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 15:32:00:758 ProcessGPO: Found file system path of:
<\\clo-ks.org\sysvol\clo-ks.org\Policies\{9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC}>
USERENV(104.868) 15:32:00:758 ProcessGPO: Found common name of:
<{9E4E33CD-FFC5-429D-8FBE-EB8B79493EDC}>
USERENV(104.868) 15:32:00:758 ProcessGPO: Found display name of:
<WSUS_server>
USERENV(104.868) 15:32:00:758 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 15:32:00:758 ProcessGPO: Found flags of: 1
USERENV(104.868) 15:32:00:758 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
USERENV(104.868) 15:32:00:774 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:774 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:774 ProcessGPO: Searching
<cn={27C0ADE8-E3BF-4000-A46C-9D149CBC1D25},cn=policies,cn=system,DC=clo-ks,DC=org>
USERENV(104.868) 15:32:00:774 ProcessGPO: Machine has access to this
GPO.
USERENV(104.868) 15:32:00:774 ProcessGPO: Found functionality version
of: 2
USERENV(104.868) 15:32:00:774 ProcessGPO: Found file system path of:
<\\clo-ks.org\sysvol\clo-ks.org\Policies\{27C0ADE8-E3BF-4000-A46C-9D149CBC1D25}>
USERENV(104.868) 15:32:00:774 ProcessGPO: Found common name of:
<{27C0ADE8-E3BF-4000-A46C-9D149CBC1D25}>
USERENV(104.868) 15:32:00:774 ProcessGPO: Found display name of:
<Copy of Default Domain Controllers Policy>
USERENV(104.868) 15:32:00:789 ProcessGPO: Found machine version of:
GPC is 4, GPT is 4
USERENV(104.868) 15:32:00:789 ProcessGPO: Found flags of: 1
USERENV(104.868) 15:32:00:789 ProcessGPO: Found extensions:
[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
USERENV(104.868) 15:32:00:789 ProcessGPO:
==============================
USERENV(104.868) 15:32:00:789 GetGPOInfo: Leaving with 1
USERENV(104.868) 15:32:00:789 GetGPOInfo:
********************************
USERENV(104.868) 15:32:00:789 ProcessGPOs: OpenThreadToken failed with
error 1008, assuming thread is not impersonating
USERENV(104.868) 15:32:00:805 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:805 ProcessGPOs: Processing extension
Registry
USERENV(104.868) 15:32:00:805 CheckForGPOsToRemove: GPO <Default Domain
Controllers Policy> needs to be removed
USERENV(104.868) 15:32:00:805 GetDeletedGPOList: Finished.
USERENV(104.868) 15:32:00:805 ProcessGPOList: Entering for extension
Registry
USERENV(104.868) 15:32:00:805 ResetPolicies: Entering.
USERENV(104.868) 15:32:00:805 SetRegPermissionsOnPoliciesKey: Resetting
permission on the policy key
USERENV(104.868) 15:32:00:805 SetRegPermissionsOnPoliciesKey: Resetting
permission on the policy key
USERENV(104.868) 15:32:00:805 ParseRegistryFile: Entering with
<C:\Documents and Settings\All Users\ntuser.pol>.
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\SystemCertificates\EFS\EFSBlob
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\SystemCertificates\EFS\Certificates\D7F6F3785A9A613561CBA6F5D3A43F255BB26E44\Blob
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\SystemCertificates\EFS\CRLs\
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\SystemCertificates\EFS\CTLs\
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\WUServer
USERENV(104.868) 15:32:00:820 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\WUStatusServer
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoUpdate
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\AUOptions
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallDay
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallTime
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\UseWUServer
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\RescheduleWaitTime
USERENV(104.868) 15:32:00:836 DeleteRegistryValue: Deleted
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoRebootWithLoggedOnUsers
USERENV(104.868) 15:32:00:836 ParseRegistryFile: Leaving.
USERENV(104.868) 15:32:00:852 ResetPolicies: Leaving.
USERENV(104.868) 15:32:00:852 ProcessGPORegistryPolicy: Failed to
create archive file with 5
USERENV(104.868) 15:32:00:852 ProcessGPOList: ProcessGPORegistryPolicy
failed.
USERENV(104.868) 15:32:00:852 ProcessGPOs: Extension Registry
ProcessGroupPolicy failed, status 0x80004005.
USERENV(104.868) 15:32:00:852 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:852 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:852 ProcessGPOs: Processing extension Folder
Redirection
USERENV(104.868) 15:32:00:867 ProcessGPOs: Extension Folder Redirection
skipped with flags 0x10007.
USERENV(104.868) 15:32:00:867 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:867 ProcessGPOs: Processing extension
Microsoft Disk Quota
USERENV(104.868) 15:32:00:867 ProcessGPOs: Extension Microsoft Disk
Quota skipped with flags 0x10007.
USERENV(104.868) 15:32:00:867 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:867 ProcessGPOs: Processing extension Scripts
USERENV(104.868) 15:32:00:867 CompareGPOLists: The lists are the same.
USERENV(104.868) 15:32:00:867 CheckGPOs: No GPO changes but couldn't
read extension Scripts's status or policy time.
USERENV(104.868) 15:32:00:867 ProcessGPOs: Extension Scripts skipped
because both deleted and changed GPO lists are empty.
USERENV(104.868) 15:32:00:867 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:883 ProcessGPOs: Processing extension
Security
USERENV(104.868) 15:32:00:883 CompareGPOLists: The lists are the same.
USERENV(104.868) 15:32:00:883 CheckGPOs: No GPO changes and no security
group membership change and extension Security has NoGPOChanges set.
USERENV(104.868) 15:32:00:883 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:883 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:883 ProcessGPOs: Processing extension
Internet Explorer Branding
USERENV(104.868) 15:32:00:883 ProcessGPOs: Extension Internet Explorer
Branding skipped with flags 0x10007.
USERENV(104.868) 15:32:00:883 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:883 ProcessGPOs: Processing extension EFS
recovery
USERENV(104.868) 15:32:00:883 CompareGPOLists: The lists are the same.
USERENV(104.868) 15:32:00:883 CheckGPOs: No GPO changes and no security
group membership change and extension EFS recovery has NoGPOChanges
set.
USERENV(104.868) 15:32:00:899 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:899 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:899 ProcessGPOs: Processing extension
Application Management
USERENV(104.868) 15:32:00:899 ProcessGPOs: Extension Application
Management skipped with flags 0x10007.
USERENV(104.868) 15:32:00:899 ProcessGPOs: -----------------------
USERENV(104.868) 15:32:00:899 ProcessGPOs: Processing extension IP
Security
USERENV(104.868) 15:32:00:899 CompareGPOLists: The lists are the same.
USERENV(104.868) 15:32:00:899 CheckGPOs: No GPO changes but couldn't
read extension IP Security's status or policy time.
USERENV(104.868) 15:32:00:899 ProcessGPOs: Extension IP Security
skipped because both deleted and changed GPO lists are empty.
USERENV(104.868) 15:32:00:899 LeaveCriticalPolicySection: Critical
section 0x694 has been released.
USERENV(104.868) 15:32:00:914 ProcessGPOs: Computer Group Policy has
been applied.
USERENV(104.868) 15:32:00:914 ProcessGPOs: Leaving with 1.
USERENV(104.868) 15:32:00:914 GPOThread: Next refresh will happen in 5
minutes
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Scripts ProcessGroupPolicy 4
Error on Domain Controller 2
Windows cannot process extension Folder Redirection 4
Event ID: 102, Access is Denied 1
Unresolved Event ID:1000 error 4
Event ID 1000 is logged on Windows 2000 domain controllers 2
Event Id 1000 every 5 minutes 2
Event ID 1000 Userenv 1

Top