Group Policy Files (SYSVOL) Corrupt

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

I have recentally started work at a company that has a "challenged" Active
Directory installation.
There are no backups and it has been limping along for a bit over a year,
one of the main problems was it had lost the files from SYSVOL which I
restored to find they were full of all sorts of deleted object references
and suchlike which filled up the application logs with SceCli 1202 messages
in no time at all.
I deleted all references to other group policy objects and manually deleted
their respective containers (replication is not working.) and then picked
through the remaining default policy files and deleted any "SID not Found"
references and ran an inspection of the security logs for event failures
which refenced an account called NetShowServices"...etc...etc...

Can one simply copy a freshly recreated pair of default containers
({31B2F... & {6AC17...) to SYSVOL and then get things working from there?
What other dependent files and setting will be required to do this?

 

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

IF these are the default GPOs (Domain and Domain Controllers, which it looks
like they are from the beginning of the GUID you posted) then you may want
to check out DCGPOFIX. You can find it on technet...

Kevin

"Steve Buckley" <noname@anonymous.com> wrote in message
news:uCi8q55TFHA.3544@TK2MSFTNGP12.phx.gbl...
>I have recentally started work at a company that has a "challenged" Active
>Directory installation.
> There are no backups and it has been limping along for a bit over a year,
> one of the main problems was it had lost the files from SYSVOL which I
> restored to find they were full of all sorts of deleted object references
> and suchlike which filled up the application logs with SceCli 1202
> messages in no time at all.
> I deleted all references to other group policy objects and manually
> deleted their respective containers (replication is not working.) and then
> picked through the remaining default policy files and deleted any "SID not
> Found" references and ran an inspection of the security logs for event
> failures which refenced an account called NetShowServices"...etc...etc...
>
> Can one simply copy a freshly recreated pair of default containers
> ({31B2F... & {6AC17...) to SYSVOL and then get things working from there?
> What other dependent files and setting will be required to do this?
>

 

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

Thanks, this looks pretty much like what I need although I have a feeling
that many machines have abnormal settings already applied to Local Policies
(I'll cross that bridge later...)

"Kevin Sullivan" <ksullivan@autoprof.com> wrote in message
news:OahT4kJUFHA.3140@TK2MSFTNGP14.phx.gbl...
> IF these are the default GPOs (Domain and Domain Controllers, which it
> looks like they are from the beginning of the GUID you posted) then you
> may want to check out DCGPOFIX. You can find it on technet...
>
> Kevin
>
> "Steve Buckley" <noname@anonymous.com> wrote in message
> news:uCi8q55TFHA.3544@TK2MSFTNGP12.phx.gbl...
>>I have recentally started work at a company that has a "challenged" Active
>>Directory installation.
>> There are no backups and it has been limping along for a bit over a year,
>> one of the main problems was it had lost the files from SYSVOL which I
>> restored to find they were full of all sorts of deleted object references
>> and suchlike which filled up the application logs with SceCli 1202
>> messages in no time at all.
>> I deleted all references to other group policy objects and manually
>> deleted their respective containers (replication is not working.) and
>> then picked through the remaining default policy files and deleted any
>> "SID not Found" references and ran an inspection of the security logs for
>> event failures which refenced an account called
>> NetShowServices"...etc...etc...
>>
>> Can one simply copy a freshly recreated pair of default containers
>> ({31B2F... & {6AC17...) to SYSVOL and then get things working from there?
>> What other dependent files and setting will be required to do this?
>>
>
>

 

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

Ooops...it only works on Windows 2003, the Domain is currently Winows 2000
(mixed mode.)
Good to see there is a tool available now in any case.
If I built a server from scratch and created a new domain in a completely
seperate forest etc... then I should be able to just copy the containers off
that machine onto a trusty 3.5 floppy and overwrite/delete the ones on the
live Domain...or not?
The container references aren't in any way specific to an individual domain
as long as the Schemas are the same ...or are they?
This, for all its worth "apears" to be what the recovery tool does.
....ummm cross your fingers?

"Kevin Sullivan" <ksullivan@autoprof.com> wrote in message
news:OahT4kJUFHA.3140@TK2MSFTNGP14.phx.gbl...
> IF these are the default GPOs (Domain and Domain Controllers, which it
> looks like they are from the beginning of the GUID you posted) then you
> may want to check out DCGPOFIX. You can find it on technet...
>
> Kevin
>
> "Steve Buckley" <noname@anonymous.com> wrote in message
> news:uCi8q55TFHA.3544@TK2MSFTNGP12.phx.gbl...
>>I have recentally started work at a company that has a "challenged" Active
>>Directory installation.
>> There are no backups and it has been limping along for a bit over a year,
>> one of the main problems was it had lost the files from SYSVOL which I
>> restored to find they were full of all sorts of deleted object references
>> and suchlike which filled up the application logs with SceCli 1202
>> messages in no time at all.
>> I deleted all references to other group policy objects and manually
>> deleted their respective containers (replication is not working.) and
>> then picked through the remaining default policy files and deleted any
>> "SID not Found" references and ran an inspection of the security logs for
>> event failures which refenced an account called
>> NetShowServices"...etc...etc...
>>
>> Can one simply copy a freshly recreated pair of default containers
>> ({31B2F... & {6AC17...) to SYSVOL and then get things working from there?
>> What other dependent files and setting will be required to do this?
>>
>
>

 

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

<selfquote> If I built a server from scratch ....

Hell no it doesn't!
All sorts of scary errors...do not try the above at home.

Luckily however there is this...
http://support.microsoft.com/default.aspx?scid=kb;en-us;830062
and this
http://support.microsoft.com/default.aspx?scid=kb;en-us;316790
Works a treat...non fattening too.
And I get Sunday off.
WhooHoo.

Thanks Kevin.

"Steve Buckley" <noname@anonymous.com> wrote in message
news:%23$GYNXeUFHA.900@TK2MSFTNGP10.phx.gbl...
> Ooops...it only works on Windows 2003, the Domain is currently Winows 2000
> (mixed mode.)
> Good to see there is a tool available now in any case.
> If I built a server from scratch and created a new domain in a completely
> seperate forest etc... then I should be able to just copy the containers
> off that machine onto a trusty 3.5 floppy and overwrite/delete the ones on
> the live Domain...or not?
> The container references aren't in any way specific to an individual
> domain as long as the Schemas are the same ...or are they?
> This, for all its worth "apears" to be what the recovery tool does.
> ...ummm cross your fingers?
>
> "Kevin Sullivan" <ksullivan@autoprof.com> wrote in message
> news:OahT4kJUFHA.3140@TK2MSFTNGP14.phx.gbl...
>> IF these are the default GPOs (Domain and Domain Controllers, which it
>> looks like they are from the beginning of the GUID you posted) then you
>> may want to check out DCGPOFIX. You can find it on technet...
>>
>> Kevin
>>
>> "Steve Buckley" <noname@anonymous.com> wrote in message
>> news:uCi8q55TFHA.3544@TK2MSFTNGP12.phx.gbl...
>>>I have recentally started work at a company that has a "challenged"
>>>Active Directory installation.
>>> There are no backups and it has been limping along for a bit over a
>>> year, one of the main problems was it had lost the files from SYSVOL
>>> which I restored to find they were full of all sorts of deleted object
>>> references and suchlike which filled up the application logs with SceCli
>>> 1202 messages in no time at all.
>>> I deleted all references to other group policy objects and manually
>>> deleted their respective containers (replication is not working.) and
>>> then picked through the remaining default policy files and deleted any
>>> "SID not Found" references and ran an inspection of the security logs
>>> for event failures which refenced an account called
>>> NetShowServices"...etc...etc...
>>>
>>> Can one simply copy a freshly recreated pair of default containers
>>> ({31B2F... & {6AC17...) to SYSVOL and then get things working from
>>> there?
>>> What other dependent files and setting will be required to do this?
>>>
>>
>>
>
>