Group Policy processing does not work and events 1030 and 1058 are logged in the Application log of a domain controller (842804)


The information in this article applies to:

  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Professional
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry

SYMPTOMS

When you resume a computer that runs Microsoft Windows Server 2003 from standby, the computer may stop responding. Additionally, the "Applying Personal Settings" message box may appear for up to an hour before the desktop appears.

Typically, when you resume a Windows Server 2003-based computer from standby, the computer is locked. You must log on to the computer before you can access the desktop. When this problem occurs, the workstation is not locked, and the Windows Server 2003 logon screen does not appear.

Additionally, you may log the following event messages in the application event log on the domain controller after you restart the Windows Server 2003-based computer:Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1058
Description: Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=domain,DC=com. The file must be present at the location <\\domain\sysvol\domain\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (Access is denied. ). Group Policy processing aborted. For more information, see Help and Support Center at http://support.microsoft.com.
or
Description: Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=domain,DC=com. The file must be present at the location <\\domain\sysvol\domain\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (The network path was not found. ).Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1030
Description: Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine. For more information, see Help and Support Center at http://support.microsoft.com. When you turn on user environment (Userenv) logging, domain Distributed File System (DFS) services may not work after the computer resumes from standby. Additionally, you may receive messages that are similar to the following messages in the %SystemRoot%\Debug\UserMode\Userenv.log file.

Note For information about how to turn on Userenv logging, see the Microsoft Knowledge Base article that is referenced in the "References" section.USERENV(1d8.a84) 21:52:58:718 EvaluateDeferredGPOs: Searching for GPOs in cn=policies,cn=system,DC=domain,DC=local
USERENV(1d8.a84) 21:52:58:718 ProcessGPO: Searching <CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=domain,DC=local>
USERENV(1d8.a84) 21:52:58:718 ProcessGPO: Machine has access to this GPO.
USERENV(1d8.a84) 21:52:58:718 ProcessGPO: GPO passes the filter check.
USERENV(1d8.a84) 21:52:58:718 ProcessGPO: Found functionality version of: 2
USERENV(1d8.a84) 21:52:58:718 ProcessGPO: Found file system path of: <\\domain.local\sysvol\domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}>
USERENV(1d8.a84) 21:52:58:734 ProcessGPO: Couldn't find the group policy template file <\\domain.local\sysvol\domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>, error = 0x5.

CAUSE

This problem may occur if the winlogon process tries to process group policies before other components are running. The hotfix that this article describes adds more logic to enhance the default behavior of winlogon and of the workstation services.

However, there are several other scenarios that may also cause this problem. Make sure that the following components are started and correctly configured before you apply this hotfix:
  • Netlogon and DFS services are started.
  • Domain controllers have the read and apply rights to the Domain Controllers Policy.
  • NTFS file system permissions and share permissions are set correctly on the Sysvol share.
  • DNS entries are correct for the domain controllers.

RESOLUTION

Windows Server 2003

Service pack information

To resolve this problem, obtain the latest service pack for Windows Server 2003. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

889100 How to obtain the latest service pack for Windows Server 2003


Note After you install the service pack, you still must follow the procedure that is outlined in the "Registry information" section.

Hotfix information

A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Only apply it to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next Windows Server 2003 service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.PrerequisitesNo prerequisites are required.Restart requirementYou must restart your computer after you apply this hotfix.Hotfix replacement information This hotfix does not replace any other hotfixes.File information The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date         Time   Version       Size     File name
   -------------------------------------------------------
   22-Mar-2004  23:18  5.2.3790.140  540,160  Winlogon.exe     
   22-Mar-2004  23:18  5.2.3790.121  126,976  Wkssvc.dll
Registry informationWarning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

Note Follow these steps in Windows Server 2003.

After you apply the hotfix, follow these steps:
  1. Click Start, click Run, in the Open box, type regedit, and then click OK.
  2. In Registry Editor, locate the following registry subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

  3. If the WaitForNetwork entry is missing, you must add the entry. To do this, follow these steps:
    1. Right-click the Winlogon subkey, click New, and then click Dword Value.
    2. In the Value name box, type WaitForNetwork.
  4. Right-click WaitForNetwork, and then click Modify.
  5. In the Edit DWORD Value dialog box, in the Value Data box, type 1, and then click OK.
  6. Quit Registry Editor.

Microsoft Windows XP

Service pack information

To resolve this problem, obtain the latest service pack for Windows XP. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

322389 How to obtain the latest Windows XP service pack

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
This problem was first corrected in Windows Server 2003 Service Pack 1.
This problem was first corrected in Windows XP Service Pack 2.

WORKAROUND

To work around this issue, you can run the Dfsutil.exe file. Microsoft Windows Server 2003 Support Tools includes the Dfsutil.exe file. To install Windows Server 2003 Support Tools, run \\SUPPORT\TOOLS\SUPTOOLS.MSI from your Windows Server 2003 CD-ROM. You can also extract the support tools directly from the \\SUPPORT\TOOLS\SUPPORT.CAB file. To run the Dfsutil.exe file, follow these steps:
  1. Click Start, click Run, type cmd, and click OK.
  2. At the command prompt, type dfsutil /PurgeMupCache, and then press ENTER.
Note: This is only a temporary workaround. It will only help until you restart the comptuer. To fix the problem, install the hotfix package for 842804.

REFERENCES

For more information about enabling user environment logging, click the following article number to view the article in the Microsoft Knowledge Base:

221833 How to enable user environment debug logging in retail builds of Windows

For more information about Event ID 1030 and Event ID 1058, click the following article number to view the article in the Microsoft Knowledge Base:

834649 Client computers record Event ID 1030 and Event ID 1058 when DFS is not started on a Windows 2000-based domain controller

Modification Type:MajorLast Reviewed:9/20/2006
Keywords:kbQFE kbHotfixServer kbWinServ2003preSP1fix kbprb kbBug kbfix kbWin2000preSP5fix KB842804 kbAudEndUser kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.