RE: I'm falling my hairs with this domain gpo problem

From: Dallas Hindle (
Date: 09/23/02

From: "Dallas Hindle" <>
To: "'Gerson Brunhara Guimaraes'" <>, <>
Date: Tue, 24 Sep 2002 07:58:05 +1000

I've had a problem with almost the exact same symptoms as this after, We
eventually were told by Microsoft that the problem was a corruption in
the AD and a rebuild was necessary, Although we got around the problem
by going to a single DC, this meant that the GPO's got applied from the
DC1 and there was no replication with the second DC which allowed the
policies to roll out again.

I'd try going to a single DC by taking the second one down and see what
happens, but be advised that we can no longer ADD DC's to the domain

Dallas Hindle

-----Original Message-----
From: Gerson Brunhara Guimaraes []
Sent: Sunday, 22 September 2002 9:21 AM
Subject: I'm falling my hairs with this domain gpo problem

Hi all,
I'm having problem with a domain policy. It doesn't arriving at w2k

configuration: 2 DCīs W2K Server for Domain1 and 2 DC's W2K Server for
Domain2, both with sp3.
I deployed a domain policy (account policies for computer and adm
for user). I have tested domain1 policy in several ways and all seemed
After one week, I did the same for the 2nd domain, but it was
I didnīt undertand. I checked domain1 and it unhealth too. The gpresult
indicated that the domain gpo had been applied, but it wasn't true. I
changed domain gpo, but nothing happened. All alternatives failed.
Then I decided to restart the servers. After this, I saw gpresult log
only local security policy was explicitly applied. After restart the
servers, only local security policy was showed in the gpresult log (for
domains). Account policy, age, complexity password are on and ok.
domain policy is going well even nothing more than local policy is
into gpresult log.

What I tried?

1. Replmon: ok for all DCīs
2. Gpotool: ok for all policies.
3. Several unsucessfull combinations, disabling the current domain
and creating new ones.
4. Two new different user accounts on four different network computers
each domain.
5. I changed computers name. I removed them from domain and added them
again. Failed too.
6. All event logs are cleaning. No problems related...

When domain1 gpo has been deployed I remember W2K Prof were SP1. Domain2
was deployed after w2k computers have been elevated to sp3. I donīt know
whether itīs a problem or not.

Any help will be apreciated.