Hi. I am running Active Directory 2012 ( with 2 domain controllers ) and suddenly my second domain controller stopped receiving the GPOs in the  SYSVOL\domain\Policies.

When I try to run a gpupdate from one domain computer the following error appear:

Computer policy could not be updated successfully. The following errors were encountered:

The processing of Group Policy failed. Windows attempted to read the file \\domain\SysVol\cilixon.co.mz\Policies\
{E1C7B61D-0134-4A6C-AD79-D253F98EFA41}\gpt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the fol
lowing:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domai
n controller).
c) The Distributed File System (DFS) client has been disabled.
User Policy could not be updated successfully. The following errors were encountered:

The processing of Group Policy failed. Windows attempted to read the file \\domain\SysVol\cilixon.co.mz\Policies\
{E1C7B61D-0134-4A6C-AD79-D253F98EFA41}\gpt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the fol
lowing:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domai
n controller).
c) The Distributed File System (DFS) client has been disabled.

To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access informati
on about Group Policy results.

Any ideas?

The error you are encountering is documented here: http://technet.microsoft.com/en-us/library/cc727259(v=WS.10).aspx

this information is not specific to server 2012, but it should still be useful in troubleshooting.

Thanks for your reply.

I am trying to troubleshoot DFS Client but following that guide I cannot find de Registry key DisableDFS below :

• Click Start, and then click Run.
• In the Open box, type regedt32, and then click OK.
• In the Registry Editor window, locate the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mup
• In the right details pane, double-click DisableDFS  ( cannot see this )

Maybe because Im running 2012?

The thing I noticed is that on the main domain controller DC01 I have 4 GPOs on Sysvol\DomainName\Policies and on the second DC02 I just see 2 Policies. From DC02 I am able to go to \\dc01\SYSVOL\domainname\Policies\ and open each one of the policies so its not a reading problem.

Anything else?

Hi,

You can try these steps to troubleshoot:

• You can also try to refer to this article to troubleshoot :

http://rawtechnology.blogspot.in/2012/10/sysvol-replication-issue-processing-of.html

• To enforce sync DFS replication, in case the problem is caused by File Replication Service Latency. You can refer to this article:

http://support.microsoft.com/kb/2218556/en-us

I hope this helps.

I am getting this when i try force resync.

C:\Windows\system32>net stop ntfrs
The File Replication service is not started.

C:\Windows\system32>net start ntfrs
System error 1058 has occurred.

The service cannot be started, either because it is disabled or because it has n
o enabled devices associated with it.

Guess that is a replication service issue. Any help with this?

Thanks

The service on Windows 2012 is dfsr and not ntfrs.

Also the default domain policy gpt.ini shows version 2 on the main domain controller while. On the second DC shows version 1. They are not in sync and I guess thats preventing all other GPOs to sync.

Is there a way I can force a GPO resync? Can I just copy the GPOs from the original DC to the other?

Thanks