Problems in using IGroupPolicyObject interface.

From: V Ravikiran (
Date: 05/19/03

Date: Mon, 19 May 2003 17:05:58 +0530

    We are facing a problem in using IGroupPolicyObject interface for
    creating group policies.

    The problems happens when 2 sites (Site1 and Site 2) in 2 different LAN
    have 2 Domain controllers (DC1 and DC2).

    DC1 is in Site 1 and is the Schema Master.
    DC2 is in Site 2 and is promoted to a DC second.

    The program which is using IGroupPolicyObject is running on a machine
(not DC2)
    in Site 2.

    The code looks something like this.

    CoCreateInstance(.., IID_IGroupPolicyObject, ..., &pGPO);
    pGPO->New(<Bindpath binding to DC1>, <GP Name>, GPO_OPEN_READ_ONLY );
// GPO_OPEN_READ_ONLY is passed becuase New fails with
// "The system cannot find the path specified. " (0x80070003) if

// Since save can be called only with GPO opened with
// open the GPO again.
    CoCreateInstance(.., IID_IGroupPolicyObject, ..., &pGPO);
    pGPO->OpenDSGPO(<BindPath binding to DC1 including the GPO being bound

    This code works fine if there is only one DC or if all the DCs are in
the same site.
    But in the case mentioned above, pGPO->New binds to the DC1 but
    seems to ignore the bind string and tries to bind to DC2 (the nearest
    Since replication hasn't yet happened, it fails.

    Is this a problem in OpenDSGPO not binding correctly?
    Has anyone else faced this before?

Another question:
    Does no one else use IGroupPolicyObject? I find so little information on
the web
    3 years after the interface is publised!!!

Thanks in anticipation,
Best Regards,

PS: If you want to contact me directly, please remove the .net at the end of
the mail address.