Security Policy Is not opening.

Archived from groups: microsoft.public.win2000.security (More info?)

Hi

I have Win2000 Domain Controller logged in as domain administrators.

Problem is : I could not able to open Domain Security Policy or Domain
Controller Security Policy. We would like to apply some policies. But Domain
Default Policy Editor is not opening at all.

Its showing a message like "you dont have appropriate permissions.
Details : The System Cannot find path." That is the message i m getting
whenever i tried to open Domain Security Policy and Domain Security Policy.

Please help me in this.

Thanks and Regards
Rajam.
9 answers Last reply
More about security policy opening
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    That could be a dns problem or a problem with the existence of the sysvol
    share or permissions for it. From any domain computer you should be able to
    access the sysvol share by entering in the run box
    \\domaincontrollername\sysvol. Run the support tools netdiag and dcdiag on
    the domain controller looking for pertinent problems and also check Event
    Viewer for Event ID's than may detail a related problem. Support tools are
    on the install disk in the support/tools folder. See the link below on dns
    to make sure your dns is correctly configured for the domain and NEVER list
    an ISP dns server as a preferred dns server in tcp/ip properties of any
    domain computer or computer you are trying to join to the domain. --- Steve

    http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382

    "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    news:AF5B03FD-BFDF-4BCF-8150-8C514F1F88AE@microsoft.com...
    > Hi
    >
    > I have Win2000 Domain Controller logged in as domain administrators.
    >
    > Problem is : I could not able to open Domain Security Policy or Domain
    > Controller Security Policy. We would like to apply some policies. But
    > Domain
    > Default Policy Editor is not opening at all.
    >
    > Its showing a message like "you dont have appropriate permissions.
    > Details : The System Cannot find path." That is the message i m getting
    > whenever i tried to open Domain Security Policy and Domain Security
    > Policy.
    >
    > Please help me in this.
    >
    > Thanks and Regards
    > Rajam.
    >
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    Hi Steven

    Thanx for your kind suggestion. But we tried Netdiag and Dcdiag tools. But
    we couldn't find any problems in it. We are not using ISP IP as DNS server
    address. What we are suspecting is might be some policies are applied on
    Administrator account. Pls kindly let me know is there any other solution to
    opening Security Policies like Domain Security Policy and Domain Controller
    Security Policy in Domain Controller or Additional Domain Controller.
    Waiting for your reply.

    Thanks and Regards
    Rajam

    "Steven L Umbach" wrote:

    > That could be a dns problem or a problem with the existence of the sysvol
    > share or permissions for it. From any domain computer you should be able to
    > access the sysvol share by entering in the run box
    > \\domaincontrollername\sysvol. Run the support tools netdiag and dcdiag on
    > the domain controller looking for pertinent problems and also check Event
    > Viewer for Event ID's than may detail a related problem. Support tools are
    > on the install disk in the support/tools folder. See the link below on dns
    > to make sure your dns is correctly configured for the domain and NEVER list
    > an ISP dns server as a preferred dns server in tcp/ip properties of any
    > domain computer or computer you are trying to join to the domain. --- Steve
    >
    > http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382
    >
    > "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    > news:AF5B03FD-BFDF-4BCF-8150-8C514F1F88AE@microsoft.com...
    > > Hi
    > >
    > > I have Win2000 Domain Controller logged in as domain administrators.
    > >
    > > Problem is : I could not able to open Domain Security Policy or Domain
    > > Controller Security Policy. We would like to apply some policies. But
    > > Domain
    > > Default Policy Editor is not opening at all.
    > >
    > > Its showing a message like "you dont have appropriate permissions.
    > > Details : The System Cannot find path." That is the message i m getting
    > > whenever i tried to open Domain Security Policy and Domain Security
    > > Policy.
    > >
    > > Please help me in this.
    > >
    > > Thanks and Regards
    > > Rajam.
    > >
    >
    >
    >
  3. Archived from groups: microsoft.public.win2000.security (More info?)

    Well good to hear that your dns seems to working correctly. See if anything
    unusual shows in the application or system logs in Event Viewer and try
    accessing the sysvol share as I explained before to see first if you can
    access it and then if you can try to navigate to those policies via domain
    name\policies\31B2F....\machine\Microsoft\Windows NT\SecEdit where you
    should see and be able to open the GptTmpl.inf file there. The policy
    starting 31B2F.... is the default domain Group Policy. Also try running the
    support tool gpotool to see if it shows at least two Group Policies and if
    any problems are reported as far as version numbers. Another thing to check
    is to Use Active Directory Users and Computers. Then find your domain, right
    click and select properties/Group Policy where you should see default domain
    policy. For it select properties/security to make sure that domain admins
    have necessary permissions which need to be at least read and write to edit
    the Group Policy. Verify that domain admins global group is a member of the
    administrators group and that you are logged on as a member of the domain
    admins group. --- Steve


    "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    news:B72B0975-D61E-4826-93EA-BBDECB3FFE11@microsoft.com...
    > Hi Steven
    >
    > Thanx for your kind suggestion. But we tried Netdiag and Dcdiag tools. But
    > we couldn't find any problems in it. We are not using ISP IP as DNS server
    > address. What we are suspecting is might be some policies are applied on
    > Administrator account. Pls kindly let me know is there any other solution
    > to
    > opening Security Policies like Domain Security Policy and Domain
    > Controller
    > Security Policy in Domain Controller or Additional Domain Controller.
    > Waiting for your reply.
    >
    > Thanks and Regards
    > Rajam
    >
    > "Steven L Umbach" wrote:
    >
    >> That could be a dns problem or a problem with the existence of the sysvol
    >> share or permissions for it. From any domain computer you should be able
    >> to
    >> access the sysvol share by entering in the run box
    >> \\domaincontrollername\sysvol. Run the support tools netdiag and dcdiag
    >> on
    >> the domain controller looking for pertinent problems and also check Event
    >> Viewer for Event ID's than may detail a related problem. Support tools
    >> are
    >> on the install disk in the support/tools folder. See the link below on
    >> dns
    >> to make sure your dns is correctly configured for the domain and NEVER
    >> list
    >> an ISP dns server as a preferred dns server in tcp/ip properties of any
    >> domain computer or computer you are trying to join to the domain. ---
    >> Steve
    >>
    >> http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382
    >>
    >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    >> news:AF5B03FD-BFDF-4BCF-8150-8C514F1F88AE@microsoft.com...
    >> > Hi
    >> >
    >> > I have Win2000 Domain Controller logged in as domain administrators.
    >> >
    >> > Problem is : I could not able to open Domain Security Policy or Domain
    >> > Controller Security Policy. We would like to apply some policies. But
    >> > Domain
    >> > Default Policy Editor is not opening at all.
    >> >
    >> > Its showing a message like "you dont have appropriate permissions.
    >> > Details : The System Cannot find path." That is the message i m
    >> > getting
    >> > whenever i tried to open Domain Security Policy and Domain Security
    >> > Policy.
    >> >
    >> > Please help me in this.
    >> >
    >> > Thanks and Regards
    >> > Rajam.
    >> >
    >>
    >>
    >>
  4. Archived from groups: microsoft.public.win2000.security (More info?)

    Hi Steven

    Thanks for your reply. Actually we checked for that policy which u mentioned
    previously. Actually we dint find that policy in the Domain Controllers
    Sysvol folder. If we try to change the settings of Default Domain Policy
    properties also its saying u cannot access that file. We ran GPOTool also. It
    has given some errors on this Default Domain Policy. I am sending that report
    with this mail. Pls look into it and give me the suggestion on this. Is it
    possible to create that Domain Default Policy. If its possible pls give me
    the clear procedure for that. Waiting for your reply. Pls find the GPO Report.
    This is the report we got it when we ran GPOTool.

    Domain: sprosys.com
    Validating DCs...
    spro.sprosys.com: OK
    softpro.sprosys.com: OK
    Available DCs:
    spro.sprosys.com
    softpro.sprosys.com
    Searching for policies...
    Found 7 policies
    ============================================================
    Policy {0196EEA9-48D4-480E-8961-2E5E2C35D891}
    Policy OK
    Details:
    ------------------------------------------------------------
    DC: spro.sprosys.com
    Friendly name: AccountTracking
    Created: 4/26/2005 6:22:38 AM
    Changed: 4/28/2005 10:05:15 AM
    DS version: 0(user) 0(machine)
    Sysvol version: 0(user) 0(machine)
    Flags: 0
    User extensions: not found
    Machine extensions: not found
    Functionality version: 2
    ------------------------------------------------------------
    ------------------------------------------------------------
    DC: softpro.sprosys.com
    Friendly name: AccountTracking
    Created: 4/26/2005 6:22:38 AM
    Changed: 4/28/2005 10:01:39 AM
    DS version: 0(user) 0(machine)
    Sysvol version: 0(user) 0(machine)
    Flags: 0
    User extensions: not found
    Machine extensions: not found
    Functionality version: 2
    ------------------------------------------------------------
    ============================================================
    Policy {07DDE52B-4D39-4007-BB66-B37887143BE7}
    Policy OK
    Details:
    ------------------------------------------------------------
    DC: spro.sprosys.com
    Friendly name: Terminal
    Created: 2/28/2005 2:24:50 PM
    Changed: 4/28/2005 10:05:15 AM
    DS version: 33(user) 3(machine)
    Sysvol version: 33(user) 3(machine)
    Flags: 0
    User extensions:
    [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    Machine extensions:
    [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    Functionality version: 2
    ------------------------------------------------------------
    ------------------------------------------------------------
    DC: softpro.sprosys.com
    Friendly name: Terminal
    Created: 2/28/2005 2:24:50 PM
    Changed: 4/28/2005 10:01:29 AM
    DS version: 33(user) 3(machine)
    Sysvol version: 33(user) 3(machine)
    Flags: 0
    User extensions:
    [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    Machine extensions:
    [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    Functionality version: 2
    ------------------------------------------------------------
    ============================================================
    Policy {277C0E32-FC88-483F-BD63-EDA7DBA00770}
    Policy OK
    Details:
    ------------------------------------------------------------
    DC: spro.sprosys.com
    Friendly name: Terminal
    Created: 2/28/2005 2:23:24 PM
    Changed: 4/28/2005 10:05:15 AM
    DS version: 0(user) 0(machine)
    Sysvol version: 0(user) 0(machine)
    Flags: 0
    User extensions: not found
    Machine extensions: not found
    Functionality version: 2
    ------------------------------------------------------------
    ------------------------------------------------------------
    DC: softpro.sprosys.com
    Friendly name: Terminal
    Created: 2/28/2005 2:23:24 PM
    Changed: 4/28/2005 10:01:22 AM
    DS version: 0(user) 0(machine)
    Sysvol version: 0(user) 0(machine)
    Flags: 0
    User extensions: not found
    Machine extensions: not found
    Functionality version: 2
    ------------------------------------------------------------
    ============================================================
    Policy {31B2F340-016D-11D2-945F-00C04FB984F9}
    Error: Cannot access
    \\spro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9}, error 2
    Error: Cannot access
    \\softpro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9}, error 2
    Details:
    ------------------------------------------------------------
    DC: spro.sprosys.com
    Friendly name: Default Domain Policy
    Created: 10/12/2004 4:37:20 PM
    Changed: 4/30/2005 7:28:50 AM
    DS version: 1(user) 3(machine)
    Sysvol version: not found
    Flags: 0
    User extensions:
    [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    Machine extensions:
    [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    Functionality version: 2
    ------------------------------------------------------------
    ------------------------------------------------------------
    DC: softpro.sprosys.com
    Friendly name: Default Domain Policy
    Created: 10/12/2004 4:37:20 PM
    Changed: 4/30/2005 7:29:56 AM
    DS version: 1(user) 3(machine)
    Sysvol version: not found
    Flags: 0
    User extensions:
    [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    Machine extensions:
    [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    Functionality version: 2
    ------------------------------------------------------------
    ============================================================
    Policy {5176A5A6-48DD-4A96-8405-A815C10B7EA8}
    Policy OK
    Details:
    ------------------------------------------------------------
    DC: spro.sprosys.com
    Friendly name: terminal
    Created: 2/28/2005 12:22:15 PM
    Changed: 4/28/2005 10:05:15 AM
    DS version: 1(user) 0(machine)
    Sysvol version: 1(user) 0(machine)
    Flags: 0
    User extensions:
    [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    Machine extensions: not found
    Functionality version: 2
    ------------------------------------------------------------
    ------------------------------------------------------------
    DC: softpro.sprosys.com
    Friendly name: terminal
    Created: 2/28/2005 12:22:15 PM
    Changed: 4/28/2005 10:01:08 AM
    DS version: 1(user) 0(machine)
    Sysvol version: 1(user) 0(machine)
    Flags: 0
    User extensions:
    [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    Machine extensions: not found
    Functionality version: 2
    ------------------------------------------------------------
    ============================================================
    Policy {6AC1786C-016F-11D2-945F-00C04FB984F9}
    Error: Cannot access
    \\spro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}, error 2
    Error: Cannot access
    \\softpro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}, error 2
    Details:
    ------------------------------------------------------------
    DC: spro.sprosys.com
    Friendly name: Default Domain Controllers Policy
    Created: 10/12/2004 4:37:20 PM
    Changed: 4/28/2005 10:05:15 AM
    DS version: 0(user) 4(machine)
    Sysvol version: not found
    Flags: 0
    User extensions: not found
    Machine extensions:
    [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    Functionality version: 2
    ------------------------------------------------------------
    ------------------------------------------------------------
    DC: softpro.sprosys.com
    Friendly name: Default Domain Controllers Policy
    Created: 10/12/2004 4:37:20 PM
    Changed: 4/28/2005 10:01:01 AM
    DS version: 0(user) 4(machine)
    Sysvol version: not found
    Flags: 0
    User extensions: not found
    Machine extensions:
    [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    Functionality version: 2
    ------------------------------------------------------------
    ============================================================
    Policy {E3668F2C-D789-4A77-822D-DEABB4B9A657}
    Policy OK
    Details:
    ------------------------------------------------------------
    DC: spro.sprosys.com
    Friendly name: New Group Policy Object
    Created: 4/27/2005 3:54:32 AM
    Changed: 4/28/2005 10:05:15 AM
    DS version: 0(user) 34(machine)
    Sysvol version: 0(user) 34(machine)
    Flags: 0
    User extensions: not found
    Machine extensions:
    [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    Functionality version: 2
    ------------------------------------------------------------
    ------------------------------------------------------------
    DC: softpro.sprosys.com
    Friendly name: New Group Policy Object
    Created: 4/27/2005 3:54:32 AM
    Changed: 4/28/2005 10:00:51 AM
    DS version: 0(user) 34(machine)
    Sysvol version: 0(user) 34(machine)
    Flags: 0
    User extensions: not found
    Machine extensions:
    [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    Functionality version: 2
    ------------------------------------------------------------

    Errors found

    Thanks and Regards
    Rajam.


    "Steven L Umbach" wrote:

    > Well good to hear that your dns seems to working correctly. See if anything
    > unusual shows in the application or system logs in Event Viewer and try
    > accessing the sysvol share as I explained before to see first if you can
    > access it and then if you can try to navigate to those policies via domain
    > name\policies\31B2F....\machine\Microsoft\Windows NT\SecEdit where you
    > should see and be able to open the GptTmpl.inf file there. The policy
    > starting 31B2F.... is the default domain Group Policy. Also try running the
    > support tool gpotool to see if it shows at least two Group Policies and if
    > any problems are reported as far as version numbers. Another thing to check
    > is to Use Active Directory Users and Computers. Then find your domain, right
    > click and select properties/Group Policy where you should see default domain
    > policy. For it select properties/security to make sure that domain admins
    > have necessary permissions which need to be at least read and write to edit
    > the Group Policy. Verify that domain admins global group is a member of the
    > administrators group and that you are logged on as a member of the domain
    > admins group. --- Steve
    >
    >
    > "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    > news:B72B0975-D61E-4826-93EA-BBDECB3FFE11@microsoft.com...
    > > Hi Steven
    > >
    > > Thanx for your kind suggestion. But we tried Netdiag and Dcdiag tools. But
    > > we couldn't find any problems in it. We are not using ISP IP as DNS server
    > > address. What we are suspecting is might be some policies are applied on
    > > Administrator account. Pls kindly let me know is there any other solution
    > > to
    > > opening Security Policies like Domain Security Policy and Domain
    > > Controller
    > > Security Policy in Domain Controller or Additional Domain Controller.
    > > Waiting for your reply.
    > >
    > > Thanks and Regards
    > > Rajam
    > >
    > > "Steven L Umbach" wrote:
    > >
    > >> That could be a dns problem or a problem with the existence of the sysvol
    > >> share or permissions for it. From any domain computer you should be able
    > >> to
    > >> access the sysvol share by entering in the run box
    > >> \\domaincontrollername\sysvol. Run the support tools netdiag and dcdiag
    > >> on
    > >> the domain controller looking for pertinent problems and also check Event
    > >> Viewer for Event ID's than may detail a related problem. Support tools
    > >> are
    > >> on the install disk in the support/tools folder. See the link below on
    > >> dns
    > >> to make sure your dns is correctly configured for the domain and NEVER
    > >> list
    > >> an ISP dns server as a preferred dns server in tcp/ip properties of any
    > >> domain computer or computer you are trying to join to the domain. ---
    > >> Steve
    > >>
    > >> http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382
    > >>
    > >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    > >> news:AF5B03FD-BFDF-4BCF-8150-8C514F1F88AE@microsoft.com...
    > >> > Hi
    > >> >
    > >> > I have Win2000 Domain Controller logged in as domain administrators.
    > >> >
    > >> > Problem is : I could not able to open Domain Security Policy or Domain
    > >> > Controller Security Policy. We would like to apply some policies. But
    > >> > Domain
    > >> > Default Policy Editor is not opening at all.
    > >> >
    > >> > Its showing a message like "you dont have appropriate permissions.
    > >> > Details : The System Cannot find path." That is the message i m
    > >> > getting
    > >> > whenever i tried to open Domain Security Policy and Domain Security
    > >> > Policy.
    > >> >
    > >> > Please help me in this.
    > >> >
    > >> > Thanks and Regards
    > >> > Rajam.
    > >> >
    > >>
    > >>
    > >>
    >
    >
    >
  5. Archived from groups: microsoft.public.win2000.security (More info?)

    Well it certainly looks like you have a problem with the two default
    policies for domain and domain controller. One solution could be to an
    authoritative restore of Active Directory from a System State backup from a
    time before this problem occurred. if it is a fairly recent problem then
    that may be a good solution assuming you have the System State backups.
    Another possibility that I can think of is to use a free tool from Microsoft
    to rebuild those two policies called RecreateDefpol.EX. The link for it is
    below and be sure to read the instructions and warnings. That is what I
    would try. You may however want to post in the Active Directory newsgroup to
    see if they have any further suggestions or alternatives. --- Steve

    http://www.microsoft.com/downloads/details.aspx?FamilyID=b5b685ae-b7dd-4bb5-ab2a-976d6873129d&displaylang=en

    "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    news:68CA3690-3D4C-4899-9AEA-0A5CCAE1F21B@microsoft.com...
    > Hi Steven
    >
    > Thanks for your reply. Actually we checked for that policy which u
    > mentioned
    > previously. Actually we dint find that policy in the Domain Controllers
    > Sysvol folder. If we try to change the settings of Default Domain Policy
    > properties also its saying u cannot access that file. We ran GPOTool also.
    > It
    > has given some errors on this Default Domain Policy. I am sending that
    > report
    > with this mail. Pls look into it and give me the suggestion on this. Is it
    > possible to create that Domain Default Policy. If its possible pls give me
    > the clear procedure for that. Waiting for your reply. Pls find the GPO
    > Report.
    > This is the report we got it when we ran GPOTool.
    >
    > Domain: sprosys.com
    > Validating DCs...
    > spro.sprosys.com: OK
    > softpro.sprosys.com: OK
    > Available DCs:
    > spro.sprosys.com
    > softpro.sprosys.com
    > Searching for policies...
    > Found 7 policies
    > ============================================================
    > Policy {0196EEA9-48D4-480E-8961-2E5E2C35D891}
    > Policy OK
    > Details:
    > ------------------------------------------------------------
    > DC: spro.sprosys.com
    > Friendly name: AccountTracking
    > Created: 4/26/2005 6:22:38 AM
    > Changed: 4/28/2005 10:05:15 AM
    > DS version: 0(user) 0(machine)
    > Sysvol version: 0(user) 0(machine)
    > Flags: 0
    > User extensions: not found
    > Machine extensions: not found
    > Functionality version: 2
    > ------------------------------------------------------------
    > ------------------------------------------------------------
    > DC: softpro.sprosys.com
    > Friendly name: AccountTracking
    > Created: 4/26/2005 6:22:38 AM
    > Changed: 4/28/2005 10:01:39 AM
    > DS version: 0(user) 0(machine)
    > Sysvol version: 0(user) 0(machine)
    > Flags: 0
    > User extensions: not found
    > Machine extensions: not found
    > Functionality version: 2
    > ------------------------------------------------------------
    > ============================================================
    > Policy {07DDE52B-4D39-4007-BB66-B37887143BE7}
    > Policy OK
    > Details:
    > ------------------------------------------------------------
    > DC: spro.sprosys.com
    > Friendly name: Terminal
    > Created: 2/28/2005 2:24:50 PM
    > Changed: 4/28/2005 10:05:15 AM
    > DS version: 33(user) 3(machine)
    > Sysvol version: 33(user) 3(machine)
    > Flags: 0
    > User extensions:
    > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > Machine extensions:
    > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    > Functionality version: 2
    > ------------------------------------------------------------
    > ------------------------------------------------------------
    > DC: softpro.sprosys.com
    > Friendly name: Terminal
    > Created: 2/28/2005 2:24:50 PM
    > Changed: 4/28/2005 10:01:29 AM
    > DS version: 33(user) 3(machine)
    > Sysvol version: 33(user) 3(machine)
    > Flags: 0
    > User extensions:
    > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > Machine extensions:
    > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    > Functionality version: 2
    > ------------------------------------------------------------
    > ============================================================
    > Policy {277C0E32-FC88-483F-BD63-EDA7DBA00770}
    > Policy OK
    > Details:
    > ------------------------------------------------------------
    > DC: spro.sprosys.com
    > Friendly name: Terminal
    > Created: 2/28/2005 2:23:24 PM
    > Changed: 4/28/2005 10:05:15 AM
    > DS version: 0(user) 0(machine)
    > Sysvol version: 0(user) 0(machine)
    > Flags: 0
    > User extensions: not found
    > Machine extensions: not found
    > Functionality version: 2
    > ------------------------------------------------------------
    > ------------------------------------------------------------
    > DC: softpro.sprosys.com
    > Friendly name: Terminal
    > Created: 2/28/2005 2:23:24 PM
    > Changed: 4/28/2005 10:01:22 AM
    > DS version: 0(user) 0(machine)
    > Sysvol version: 0(user) 0(machine)
    > Flags: 0
    > User extensions: not found
    > Machine extensions: not found
    > Functionality version: 2
    > ------------------------------------------------------------
    > ============================================================
    > Policy {31B2F340-016D-11D2-945F-00C04FB984F9}
    > Error: Cannot access
    > \\spro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    > error 2
    > Error: Cannot access
    > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    > error 2
    > Details:
    > ------------------------------------------------------------
    > DC: spro.sprosys.com
    > Friendly name: Default Domain Policy
    > Created: 10/12/2004 4:37:20 PM
    > Changed: 4/30/2005 7:28:50 AM
    > DS version: 1(user) 3(machine)
    > Sysvol version: not found
    > Flags: 0
    > User extensions:
    > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    > Machine extensions:
    > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    > Functionality version: 2
    > ------------------------------------------------------------
    > ------------------------------------------------------------
    > DC: softpro.sprosys.com
    > Friendly name: Default Domain Policy
    > Created: 10/12/2004 4:37:20 PM
    > Changed: 4/30/2005 7:29:56 AM
    > DS version: 1(user) 3(machine)
    > Sysvol version: not found
    > Flags: 0
    > User extensions:
    > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    > Machine extensions:
    > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    > Functionality version: 2
    > ------------------------------------------------------------
    > ============================================================
    > Policy {5176A5A6-48DD-4A96-8405-A815C10B7EA8}
    > Policy OK
    > Details:
    > ------------------------------------------------------------
    > DC: spro.sprosys.com
    > Friendly name: terminal
    > Created: 2/28/2005 12:22:15 PM
    > Changed: 4/28/2005 10:05:15 AM
    > DS version: 1(user) 0(machine)
    > Sysvol version: 1(user) 0(machine)
    > Flags: 0
    > User extensions:
    > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > Machine extensions: not found
    > Functionality version: 2
    > ------------------------------------------------------------
    > ------------------------------------------------------------
    > DC: softpro.sprosys.com
    > Friendly name: terminal
    > Created: 2/28/2005 12:22:15 PM
    > Changed: 4/28/2005 10:01:08 AM
    > DS version: 1(user) 0(machine)
    > Sysvol version: 1(user) 0(machine)
    > Flags: 0
    > User extensions:
    > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > Machine extensions: not found
    > Functionality version: 2
    > ------------------------------------------------------------
    > ============================================================
    > Policy {6AC1786C-016F-11D2-945F-00C04FB984F9}
    > Error: Cannot access
    > \\spro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    > error 2
    > Error: Cannot access
    > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    > error 2
    > Details:
    > ------------------------------------------------------------
    > DC: spro.sprosys.com
    > Friendly name: Default Domain Controllers Policy
    > Created: 10/12/2004 4:37:20 PM
    > Changed: 4/28/2005 10:05:15 AM
    > DS version: 0(user) 4(machine)
    > Sysvol version: not found
    > Flags: 0
    > User extensions: not found
    > Machine extensions:
    > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > Functionality version: 2
    > ------------------------------------------------------------
    > ------------------------------------------------------------
    > DC: softpro.sprosys.com
    > Friendly name: Default Domain Controllers Policy
    > Created: 10/12/2004 4:37:20 PM
    > Changed: 4/28/2005 10:01:01 AM
    > DS version: 0(user) 4(machine)
    > Sysvol version: not found
    > Flags: 0
    > User extensions: not found
    > Machine extensions:
    > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > Functionality version: 2
    > ------------------------------------------------------------
    > ============================================================
    > Policy {E3668F2C-D789-4A77-822D-DEABB4B9A657}
    > Policy OK
    > Details:
    > ------------------------------------------------------------
    > DC: spro.sprosys.com
    > Friendly name: New Group Policy Object
    > Created: 4/27/2005 3:54:32 AM
    > Changed: 4/28/2005 10:05:15 AM
    > DS version: 0(user) 34(machine)
    > Sysvol version: 0(user) 34(machine)
    > Flags: 0
    > User extensions: not found
    > Machine extensions:
    > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > Functionality version: 2
    > ------------------------------------------------------------
    > ------------------------------------------------------------
    > DC: softpro.sprosys.com
    > Friendly name: New Group Policy Object
    > Created: 4/27/2005 3:54:32 AM
    > Changed: 4/28/2005 10:00:51 AM
    > DS version: 0(user) 34(machine)
    > Sysvol version: 0(user) 34(machine)
    > Flags: 0
    > User extensions: not found
    > Machine extensions:
    > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > Functionality version: 2
    > ------------------------------------------------------------
    >
    > Errors found
    >
    > Thanks and Regards
    > Rajam.
    >
    >
    > "Steven L Umbach" wrote:
    >
    >> Well good to hear that your dns seems to working correctly. See if
    >> anything
    >> unusual shows in the application or system logs in Event Viewer and try
    >> accessing the sysvol share as I explained before to see first if you can
    >> access it and then if you can try to navigate to those policies via
    >> domain
    >> name\policies\31B2F....\machine\Microsoft\Windows NT\SecEdit where you
    >> should see and be able to open the GptTmpl.inf file there. The policy
    >> starting 31B2F.... is the default domain Group Policy. Also try running
    >> the
    >> support tool gpotool to see if it shows at least two Group Policies and
    >> if
    >> any problems are reported as far as version numbers. Another thing to
    >> check
    >> is to Use Active Directory Users and Computers. Then find your domain,
    >> right
    >> click and select properties/Group Policy where you should see default
    >> domain
    >> policy. For it select properties/security to make sure that domain admins
    >> have necessary permissions which need to be at least read and write to
    >> edit
    >> the Group Policy. Verify that domain admins global group is a member of
    >> the
    >> administrators group and that you are logged on as a member of the domain
    >> admins group. --- Steve
    >>
    >>
    >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    >> news:B72B0975-D61E-4826-93EA-BBDECB3FFE11@microsoft.com...
    >> > Hi Steven
    >> >
    >> > Thanx for your kind suggestion. But we tried Netdiag and Dcdiag tools.
    >> > But
    >> > we couldn't find any problems in it. We are not using ISP IP as DNS
    >> > server
    >> > address. What we are suspecting is might be some policies are applied
    >> > on
    >> > Administrator account. Pls kindly let me know is there any other
    >> > solution
    >> > to
    >> > opening Security Policies like Domain Security Policy and Domain
    >> > Controller
    >> > Security Policy in Domain Controller or Additional Domain Controller.
    >> > Waiting for your reply.
    >> >
    >> > Thanks and Regards
    >> > Rajam
    >> >
    >> > "Steven L Umbach" wrote:
    >> >
    >> >> That could be a dns problem or a problem with the existence of the
    >> >> sysvol
    >> >> share or permissions for it. From any domain computer you should be
    >> >> able
    >> >> to
    >> >> access the sysvol share by entering in the run box
    >> >> \\domaincontrollername\sysvol. Run the support tools netdiag and
    >> >> dcdiag
    >> >> on
    >> >> the domain controller looking for pertinent problems and also check
    >> >> Event
    >> >> Viewer for Event ID's than may detail a related problem. Support tools
    >> >> are
    >> >> on the install disk in the support/tools folder. See the link below on
    >> >> dns
    >> >> to make sure your dns is correctly configured for the domain and NEVER
    >> >> list
    >> >> an ISP dns server as a preferred dns server in tcp/ip properties of
    >> >> any
    >> >> domain computer or computer you are trying to join to the domain. ---
    >> >> Steve
    >> >>
    >> >> http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382
    >> >>
    >> >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    >> >> news:AF5B03FD-BFDF-4BCF-8150-8C514F1F88AE@microsoft.com...
    >> >> > Hi
    >> >> >
    >> >> > I have Win2000 Domain Controller logged in as domain administrators.
    >> >> >
    >> >> > Problem is : I could not able to open Domain Security Policy or
    >> >> > Domain
    >> >> > Controller Security Policy. We would like to apply some policies.
    >> >> > But
    >> >> > Domain
    >> >> > Default Policy Editor is not opening at all.
    >> >> >
    >> >> > Its showing a message like "you dont have appropriate permissions.
    >> >> > Details : The System Cannot find path." That is the message i m
    >> >> > getting
    >> >> > whenever i tried to open Domain Security Policy and Domain Security
    >> >> > Policy.
    >> >> >
    >> >> > Please help me in this.
    >> >> >
    >> >> > Thanks and Regards
    >> >> > Rajam.
    >> >> >
    >> >>
    >> >>
    >> >>
    >>
    >>
    >>
  6. Archived from groups: microsoft.public.win2000.security (More info?)

    Hi steve

    Thanks for ur response. Actually we dont wanna do Authrotative Restore.
    Because we dont know when the problem has started. We have made lot of
    changes recently in our DC like creation of users and other share and
    Security permissions. If we go for authoratative restore everything what we
    have done recently we will lose.
    About that tool which is specified by you, How much is safety is there?
    Plase advise me which is the best way to restore our Default Domain
    Policies... Waiting for your reply.

    Thanks and Regards
    Varadarajam.

    "Steven L Umbach" wrote:

    > Well it certainly looks like you have a problem with the two default
    > policies for domain and domain controller. One solution could be to an
    > authoritative restore of Active Directory from a System State backup from a
    > time before this problem occurred. if it is a fairly recent problem then
    > that may be a good solution assuming you have the System State backups.
    > Another possibility that I can think of is to use a free tool from Microsoft
    > to rebuild those two policies called RecreateDefpol.EX. The link for it is
    > below and be sure to read the instructions and warnings. That is what I
    > would try. You may however want to post in the Active Directory newsgroup to
    > see if they have any further suggestions or alternatives. --- Steve
    >
    > http://www.microsoft.com/downloads/details.aspx?FamilyID=b5b685ae-b7dd-4bb5-ab2a-976d6873129d&displaylang=en
    >
    > "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    > news:68CA3690-3D4C-4899-9AEA-0A5CCAE1F21B@microsoft.com...
    > > Hi Steven
    > >
    > > Thanks for your reply. Actually we checked for that policy which u
    > > mentioned
    > > previously. Actually we dint find that policy in the Domain Controllers
    > > Sysvol folder. If we try to change the settings of Default Domain Policy
    > > properties also its saying u cannot access that file. We ran GPOTool also.
    > > It
    > > has given some errors on this Default Domain Policy. I am sending that
    > > report
    > > with this mail. Pls look into it and give me the suggestion on this. Is it
    > > possible to create that Domain Default Policy. If its possible pls give me
    > > the clear procedure for that. Waiting for your reply. Pls find the GPO
    > > Report.
    > > This is the report we got it when we ran GPOTool.
    > >
    > > Domain: sprosys.com
    > > Validating DCs...
    > > spro.sprosys.com: OK
    > > softpro.sprosys.com: OK
    > > Available DCs:
    > > spro.sprosys.com
    > > softpro.sprosys.com
    > > Searching for policies...
    > > Found 7 policies
    > > ============================================================
    > > Policy {0196EEA9-48D4-480E-8961-2E5E2C35D891}
    > > Policy OK
    > > Details:
    > > ------------------------------------------------------------
    > > DC: spro.sprosys.com
    > > Friendly name: AccountTracking
    > > Created: 4/26/2005 6:22:38 AM
    > > Changed: 4/28/2005 10:05:15 AM
    > > DS version: 0(user) 0(machine)
    > > Sysvol version: 0(user) 0(machine)
    > > Flags: 0
    > > User extensions: not found
    > > Machine extensions: not found
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ------------------------------------------------------------
    > > DC: softpro.sprosys.com
    > > Friendly name: AccountTracking
    > > Created: 4/26/2005 6:22:38 AM
    > > Changed: 4/28/2005 10:01:39 AM
    > > DS version: 0(user) 0(machine)
    > > Sysvol version: 0(user) 0(machine)
    > > Flags: 0
    > > User extensions: not found
    > > Machine extensions: not found
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ============================================================
    > > Policy {07DDE52B-4D39-4007-BB66-B37887143BE7}
    > > Policy OK
    > > Details:
    > > ------------------------------------------------------------
    > > DC: spro.sprosys.com
    > > Friendly name: Terminal
    > > Created: 2/28/2005 2:24:50 PM
    > > Changed: 4/28/2005 10:05:15 AM
    > > DS version: 33(user) 3(machine)
    > > Sysvol version: 33(user) 3(machine)
    > > Flags: 0
    > > User extensions:
    > > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > > Machine extensions:
    > > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ------------------------------------------------------------
    > > DC: softpro.sprosys.com
    > > Friendly name: Terminal
    > > Created: 2/28/2005 2:24:50 PM
    > > Changed: 4/28/2005 10:01:29 AM
    > > DS version: 33(user) 3(machine)
    > > Sysvol version: 33(user) 3(machine)
    > > Flags: 0
    > > User extensions:
    > > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > > Machine extensions:
    > > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ============================================================
    > > Policy {277C0E32-FC88-483F-BD63-EDA7DBA00770}
    > > Policy OK
    > > Details:
    > > ------------------------------------------------------------
    > > DC: spro.sprosys.com
    > > Friendly name: Terminal
    > > Created: 2/28/2005 2:23:24 PM
    > > Changed: 4/28/2005 10:05:15 AM
    > > DS version: 0(user) 0(machine)
    > > Sysvol version: 0(user) 0(machine)
    > > Flags: 0
    > > User extensions: not found
    > > Machine extensions: not found
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ------------------------------------------------------------
    > > DC: softpro.sprosys.com
    > > Friendly name: Terminal
    > > Created: 2/28/2005 2:23:24 PM
    > > Changed: 4/28/2005 10:01:22 AM
    > > DS version: 0(user) 0(machine)
    > > Sysvol version: 0(user) 0(machine)
    > > Flags: 0
    > > User extensions: not found
    > > Machine extensions: not found
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ============================================================
    > > Policy {31B2F340-016D-11D2-945F-00C04FB984F9}
    > > Error: Cannot access
    > > \\spro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    > > error 2
    > > Error: Cannot access
    > > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    > > error 2
    > > Details:
    > > ------------------------------------------------------------
    > > DC: spro.sprosys.com
    > > Friendly name: Default Domain Policy
    > > Created: 10/12/2004 4:37:20 PM
    > > Changed: 4/30/2005 7:28:50 AM
    > > DS version: 1(user) 3(machine)
    > > Sysvol version: not found
    > > Flags: 0
    > > User extensions:
    > > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    > > Machine extensions:
    > > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ------------------------------------------------------------
    > > DC: softpro.sprosys.com
    > > Friendly name: Default Domain Policy
    > > Created: 10/12/2004 4:37:20 PM
    > > Changed: 4/30/2005 7:29:56 AM
    > > DS version: 1(user) 3(machine)
    > > Sysvol version: not found
    > > Flags: 0
    > > User extensions:
    > > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    > > Machine extensions:
    > > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ============================================================
    > > Policy {5176A5A6-48DD-4A96-8405-A815C10B7EA8}
    > > Policy OK
    > > Details:
    > > ------------------------------------------------------------
    > > DC: spro.sprosys.com
    > > Friendly name: terminal
    > > Created: 2/28/2005 12:22:15 PM
    > > Changed: 4/28/2005 10:05:15 AM
    > > DS version: 1(user) 0(machine)
    > > Sysvol version: 1(user) 0(machine)
    > > Flags: 0
    > > User extensions:
    > > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > > Machine extensions: not found
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ------------------------------------------------------------
    > > DC: softpro.sprosys.com
    > > Friendly name: terminal
    > > Created: 2/28/2005 12:22:15 PM
    > > Changed: 4/28/2005 10:01:08 AM
    > > DS version: 1(user) 0(machine)
    > > Sysvol version: 1(user) 0(machine)
    > > Flags: 0
    > > User extensions:
    > > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > > Machine extensions: not found
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ============================================================
    > > Policy {6AC1786C-016F-11D2-945F-00C04FB984F9}
    > > Error: Cannot access
    > > \\spro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    > > error 2
    > > Error: Cannot access
    > > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    > > error 2
    > > Details:
    > > ------------------------------------------------------------
    > > DC: spro.sprosys.com
    > > Friendly name: Default Domain Controllers Policy
    > > Created: 10/12/2004 4:37:20 PM
    > > Changed: 4/28/2005 10:05:15 AM
    > > DS version: 0(user) 4(machine)
    > > Sysvol version: not found
    > > Flags: 0
    > > User extensions: not found
    > > Machine extensions:
    > > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ------------------------------------------------------------
    > > DC: softpro.sprosys.com
    > > Friendly name: Default Domain Controllers Policy
    > > Created: 10/12/2004 4:37:20 PM
    > > Changed: 4/28/2005 10:01:01 AM
    > > DS version: 0(user) 4(machine)
    > > Sysvol version: not found
    > > Flags: 0
    > > User extensions: not found
    > > Machine extensions:
    > > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ============================================================
    > > Policy {E3668F2C-D789-4A77-822D-DEABB4B9A657}
    > > Policy OK
    > > Details:
    > > ------------------------------------------------------------
    > > DC: spro.sprosys.com
    > > Friendly name: New Group Policy Object
    > > Created: 4/27/2005 3:54:32 AM
    > > Changed: 4/28/2005 10:05:15 AM
    > > DS version: 0(user) 34(machine)
    > > Sysvol version: 0(user) 34(machine)
    > > Flags: 0
    > > User extensions: not found
    > > Machine extensions:
    > > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > > ------------------------------------------------------------
    > > DC: softpro.sprosys.com
    > > Friendly name: New Group Policy Object
    > > Created: 4/27/2005 3:54:32 AM
    > > Changed: 4/28/2005 10:00:51 AM
    > > DS version: 0(user) 34(machine)
    > > Sysvol version: 0(user) 34(machine)
    > > Flags: 0
    > > User extensions: not found
    > > Machine extensions:
    > > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > > Functionality version: 2
    > > ------------------------------------------------------------
    > >
    > > Errors found
    > >
    > > Thanks and Regards
    > > Rajam.
    > >
    > >
    > > "Steven L Umbach" wrote:
    > >
    > >> Well good to hear that your dns seems to working correctly. See if
    > >> anything
    > >> unusual shows in the application or system logs in Event Viewer and try
    > >> accessing the sysvol share as I explained before to see first if you can
    > >> access it and then if you can try to navigate to those policies via
    > >> domain
    > >> name\policies\31B2F....\machine\Microsoft\Windows NT\SecEdit where you
    > >> should see and be able to open the GptTmpl.inf file there. The policy
    > >> starting 31B2F.... is the default domain Group Policy. Also try running
    > >> the
    > >> support tool gpotool to see if it shows at least two Group Policies and
    > >> if
    > >> any problems are reported as far as version numbers. Another thing to
    > >> check
    > >> is to Use Active Directory Users and Computers. Then find your domain,
    > >> right
    > >> click and select properties/Group Policy where you should see default
    > >> domain
    > >> policy. For it select properties/security to make sure that domain admins
    > >> have necessary permissions which need to be at least read and write to
    > >> edit
    > >> the Group Policy. Verify that domain admins global group is a member of
    > >> the
    > >> administrators group and that you are logged on as a member of the domain
    > >> admins group. --- Steve
    > >>
    > >>
    > >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    > >> news:B72B0975-D61E-4826-93EA-BBDECB3FFE11@microsoft.com...
    > >> > Hi Steven
    > >> >
  7. Archived from groups: microsoft.public.win2000.security (More info?)

    Microsoft advices the use of RecreateDefpol.EXE as a last resort option. I
    have tested it in a test domain and for me it worked fine. What you could do
    is to make a current System State backup and then try RecreateDefpol.EXE. If
    some sort of problem arises you could always restore that System State
    backup and you will at least be back to where you are now. If you have a
    test network with a domain controller or can whip one up, try
    RecreateDefpol.EXE so you can know what to expect from it. --- Steve


    "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    news:BCCFCC9E-2360-4272-AAFE-442DF5DC43C7@microsoft.com...
    > Hi steve
    >
    > Thanks for ur response. Actually we dont wanna do Authrotative Restore.
    > Because we dont know when the problem has started. We have made lot of
    > changes recently in our DC like creation of users and other share and
    > Security permissions. If we go for authoratative restore everything what
    > we
    > have done recently we will lose.
    > About that tool which is specified by you, How much is safety is there?
    > Plase advise me which is the best way to restore our Default Domain
    > Policies... Waiting for your reply.
    >
    > Thanks and Regards
    > Varadarajam.
    >
    > "Steven L Umbach" wrote:
    >
    >> Well it certainly looks like you have a problem with the two default
    >> policies for domain and domain controller. One solution could be to an
    >> authoritative restore of Active Directory from a System State backup from
    >> a
    >> time before this problem occurred. if it is a fairly recent problem then
    >> that may be a good solution assuming you have the System State backups.
    >> Another possibility that I can think of is to use a free tool from
    >> Microsoft
    >> to rebuild those two policies called RecreateDefpol.EX. The link for it
    >> is
    >> below and be sure to read the instructions and warnings. That is what I
    >> would try. You may however want to post in the Active Directory newsgroup
    >> to
    >> see if they have any further suggestions or alternatives. --- Steve
    >>
    >> http://www.microsoft.com/downloads/details.aspx?FamilyID=b5b685ae-b7dd-4bb5-ab2a-976d6873129d&displaylang=en
    >>
    >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    >> news:68CA3690-3D4C-4899-9AEA-0A5CCAE1F21B@microsoft.com...
    >> > Hi Steven
    >> >
    >> > Thanks for your reply. Actually we checked for that policy which u
    >> > mentioned
    >> > previously. Actually we dint find that policy in the Domain Controllers
    >> > Sysvol folder. If we try to change the settings of Default Domain
    >> > Policy
    >> > properties also its saying u cannot access that file. We ran GPOTool
    >> > also.
    >> > It
    >> > has given some errors on this Default Domain Policy. I am sending that
    >> > report
    >> > with this mail. Pls look into it and give me the suggestion on this. Is
    >> > it
    >> > possible to create that Domain Default Policy. If its possible pls give
    >> > me
    >> > the clear procedure for that. Waiting for your reply. Pls find the GPO
    >> > Report.
    >> > This is the report we got it when we ran GPOTool.
    >> >
    >> > Domain: sprosys.com
    >> > Validating DCs...
    >> > spro.sprosys.com: OK
    >> > softpro.sprosys.com: OK
    >> > Available DCs:
    >> > spro.sprosys.com
    >> > softpro.sprosys.com
    >> > Searching for policies...
    >> > Found 7 policies
    >> > ============================================================
    >> > Policy {0196EEA9-48D4-480E-8961-2E5E2C35D891}
    >> > Policy OK
    >> > Details:
    >> > ------------------------------------------------------------
    >> > DC: spro.sprosys.com
    >> > Friendly name: AccountTracking
    >> > Created: 4/26/2005 6:22:38 AM
    >> > Changed: 4/28/2005 10:05:15 AM
    >> > DS version: 0(user) 0(machine)
    >> > Sysvol version: 0(user) 0(machine)
    >> > Flags: 0
    >> > User extensions: not found
    >> > Machine extensions: not found
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ------------------------------------------------------------
    >> > DC: softpro.sprosys.com
    >> > Friendly name: AccountTracking
    >> > Created: 4/26/2005 6:22:38 AM
    >> > Changed: 4/28/2005 10:01:39 AM
    >> > DS version: 0(user) 0(machine)
    >> > Sysvol version: 0(user) 0(machine)
    >> > Flags: 0
    >> > User extensions: not found
    >> > Machine extensions: not found
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ============================================================
    >> > Policy {07DDE52B-4D39-4007-BB66-B37887143BE7}
    >> > Policy OK
    >> > Details:
    >> > ------------------------------------------------------------
    >> > DC: spro.sprosys.com
    >> > Friendly name: Terminal
    >> > Created: 2/28/2005 2:24:50 PM
    >> > Changed: 4/28/2005 10:05:15 AM
    >> > DS version: 33(user) 3(machine)
    >> > Sysvol version: 33(user) 3(machine)
    >> > Flags: 0
    >> > User extensions:
    >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    >> > Machine extensions:
    >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ------------------------------------------------------------
    >> > DC: softpro.sprosys.com
    >> > Friendly name: Terminal
    >> > Created: 2/28/2005 2:24:50 PM
    >> > Changed: 4/28/2005 10:01:29 AM
    >> > DS version: 33(user) 3(machine)
    >> > Sysvol version: 33(user) 3(machine)
    >> > Flags: 0
    >> > User extensions:
    >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    >> > Machine extensions:
    >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ============================================================
    >> > Policy {277C0E32-FC88-483F-BD63-EDA7DBA00770}
    >> > Policy OK
    >> > Details:
    >> > ------------------------------------------------------------
    >> > DC: spro.sprosys.com
    >> > Friendly name: Terminal
    >> > Created: 2/28/2005 2:23:24 PM
    >> > Changed: 4/28/2005 10:05:15 AM
    >> > DS version: 0(user) 0(machine)
    >> > Sysvol version: 0(user) 0(machine)
    >> > Flags: 0
    >> > User extensions: not found
    >> > Machine extensions: not found
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ------------------------------------------------------------
    >> > DC: softpro.sprosys.com
    >> > Friendly name: Terminal
    >> > Created: 2/28/2005 2:23:24 PM
    >> > Changed: 4/28/2005 10:01:22 AM
    >> > DS version: 0(user) 0(machine)
    >> > Sysvol version: 0(user) 0(machine)
    >> > Flags: 0
    >> > User extensions: not found
    >> > Machine extensions: not found
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ============================================================
    >> > Policy {31B2F340-016D-11D2-945F-00C04FB984F9}
    >> > Error: Cannot access
    >> > \\spro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    >> > error 2
    >> > Error: Cannot access
    >> > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    >> > error 2
    >> > Details:
    >> > ------------------------------------------------------------
    >> > DC: spro.sprosys.com
    >> > Friendly name: Default Domain Policy
    >> > Created: 10/12/2004 4:37:20 PM
    >> > Changed: 4/30/2005 7:28:50 AM
    >> > DS version: 1(user) 3(machine)
    >> > Sysvol version: not found
    >> > Flags: 0
    >> > User extensions:
    >> > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    >> > Machine extensions:
    >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ------------------------------------------------------------
    >> > DC: softpro.sprosys.com
    >> > Friendly name: Default Domain Policy
    >> > Created: 10/12/2004 4:37:20 PM
    >> > Changed: 4/30/2005 7:29:56 AM
    >> > DS version: 1(user) 3(machine)
    >> > Sysvol version: not found
    >> > Flags: 0
    >> > User extensions:
    >> > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    >> > Machine extensions:
    >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ============================================================
    >> > Policy {5176A5A6-48DD-4A96-8405-A815C10B7EA8}
    >> > Policy OK
    >> > Details:
    >> > ------------------------------------------------------------
    >> > DC: spro.sprosys.com
    >> > Friendly name: terminal
    >> > Created: 2/28/2005 12:22:15 PM
    >> > Changed: 4/28/2005 10:05:15 AM
    >> > DS version: 1(user) 0(machine)
    >> > Sysvol version: 1(user) 0(machine)
    >> > Flags: 0
    >> > User extensions:
    >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    >> > Machine extensions: not found
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ------------------------------------------------------------
    >> > DC: softpro.sprosys.com
    >> > Friendly name: terminal
    >> > Created: 2/28/2005 12:22:15 PM
    >> > Changed: 4/28/2005 10:01:08 AM
    >> > DS version: 1(user) 0(machine)
    >> > Sysvol version: 1(user) 0(machine)
    >> > Flags: 0
    >> > User extensions:
    >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    >> > Machine extensions: not found
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ============================================================
    >> > Policy {6AC1786C-016F-11D2-945F-00C04FB984F9}
    >> > Error: Cannot access
    >> > \\spro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    >> > error 2
    >> > Error: Cannot access
    >> > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    >> > error 2
    >> > Details:
    >> > ------------------------------------------------------------
    >> > DC: spro.sprosys.com
    >> > Friendly name: Default Domain Controllers Policy
    >> > Created: 10/12/2004 4:37:20 PM
    >> > Changed: 4/28/2005 10:05:15 AM
    >> > DS version: 0(user) 4(machine)
    >> > Sysvol version: not found
    >> > Flags: 0
    >> > User extensions: not found
    >> > Machine extensions:
    >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ------------------------------------------------------------
    >> > DC: softpro.sprosys.com
    >> > Friendly name: Default Domain Controllers Policy
    >> > Created: 10/12/2004 4:37:20 PM
    >> > Changed: 4/28/2005 10:01:01 AM
    >> > DS version: 0(user) 4(machine)
    >> > Sysvol version: not found
    >> > Flags: 0
    >> > User extensions: not found
    >> > Machine extensions:
    >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ============================================================
    >> > Policy {E3668F2C-D789-4A77-822D-DEABB4B9A657}
    >> > Policy OK
    >> > Details:
    >> > ------------------------------------------------------------
    >> > DC: spro.sprosys.com
    >> > Friendly name: New Group Policy Object
    >> > Created: 4/27/2005 3:54:32 AM
    >> > Changed: 4/28/2005 10:05:15 AM
    >> > DS version: 0(user) 34(machine)
    >> > Sysvol version: 0(user) 34(machine)
    >> > Flags: 0
    >> > User extensions: not found
    >> > Machine extensions:
    >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> > ------------------------------------------------------------
    >> > DC: softpro.sprosys.com
    >> > Friendly name: New Group Policy Object
    >> > Created: 4/27/2005 3:54:32 AM
    >> > Changed: 4/28/2005 10:00:51 AM
    >> > DS version: 0(user) 34(machine)
    >> > Sysvol version: 0(user) 34(machine)
    >> > Flags: 0
    >> > User extensions: not found
    >> > Machine extensions:
    >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    >> > Functionality version: 2
    >> > ------------------------------------------------------------
    >> >
    >> > Errors found
    >> >
    >> > Thanks and Regards
    >> > Rajam.
    >> >
    >> >
    >> > "Steven L Umbach" wrote:
    >> >
    >> >> Well good to hear that your dns seems to working correctly. See if
    >> >> anything
    >> >> unusual shows in the application or system logs in Event Viewer and
    >> >> try
    >> >> accessing the sysvol share as I explained before to see first if you
    >> >> can
    >> >> access it and then if you can try to navigate to those policies via
    >> >> domain
    >> >> name\policies\31B2F....\machine\Microsoft\Windows NT\SecEdit where you
    >> >> should see and be able to open the GptTmpl.inf file there. The policy
    >> >> starting 31B2F.... is the default domain Group Policy. Also try
    >> >> running
    >> >> the
    >> >> support tool gpotool to see if it shows at least two Group Policies
    >> >> and
    >> >> if
    >> >> any problems are reported as far as version numbers. Another thing to
    >> >> check
    >> >> is to Use Active Directory Users and Computers. Then find your domain,
    >> >> right
    >> >> click and select properties/Group Policy where you should see default
    >> >> domain
    >> >> policy. For it select properties/security to make sure that domain
    >> >> admins
    >> >> have necessary permissions which need to be at least read and write to
    >> >> edit
    >> >> the Group Policy. Verify that domain admins global group is a member
    >> >> of
    >> >> the
    >> >> administrators group and that you are logged on as a member of the
    >> >> domain
    >> >> admins group. --- Steve
    >> >>
    >> >>
    >> >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    >> >> news:B72B0975-D61E-4826-93EA-BBDECB3FFE11@microsoft.com...
    >> >> > Hi Steven
    >> >> >
  8. Archived from groups: microsoft.public.win2000.security (More info?)

    Hi Steve

    Thanks for your reply. Actually we tried with a new test domain. Then we
    tried with this tool., It worked fine. I got that Security Policies back.
    Then i installed it on our main DC. Nothing wrong happned. We got our Defualt
    Domain Policy back. But we need to apply some policies then, we need to check
    these are applying or not. Let see.. Anyhave we really very thank ful to u
    Mr.Steven that u have spent lot of time on our problem. Thank you very much.
    i will get back to you soon.

    Varadarajam.

    "Steven L Umbach" wrote:

    > Microsoft advices the use of RecreateDefpol.EXE as a last resort option. I
    > have tested it in a test domain and for me it worked fine. What you could do
    > is to make a current System State backup and then try RecreateDefpol.EXE. If
    > some sort of problem arises you could always restore that System State
    > backup and you will at least be back to where you are now. If you have a
    > test network with a domain controller or can whip one up, try
    > RecreateDefpol.EXE so you can know what to expect from it. --- Steve
    >
    >
    > "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    > news:BCCFCC9E-2360-4272-AAFE-442DF5DC43C7@microsoft.com...
    > > Hi steve
    > >
    > > Thanks for ur response. Actually we dont wanna do Authrotative Restore.
    > > Because we dont know when the problem has started. We have made lot of
    > > changes recently in our DC like creation of users and other share and
    > > Security permissions. If we go for authoratative restore everything what
    > > we
    > > have done recently we will lose.
    > > About that tool which is specified by you, How much is safety is there?
    > > Plase advise me which is the best way to restore our Default Domain
    > > Policies... Waiting for your reply.
    > >
    > > Thanks and Regards
    > > Varadarajam.
    > >
    > > "Steven L Umbach" wrote:
    > >
    > >> Well it certainly looks like you have a problem with the two default
    > >> policies for domain and domain controller. One solution could be to an
    > >> authoritative restore of Active Directory from a System State backup from
    > >> a
    > >> time before this problem occurred. if it is a fairly recent problem then
    > >> that may be a good solution assuming you have the System State backups.
    > >> Another possibility that I can think of is to use a free tool from
    > >> Microsoft
    > >> to rebuild those two policies called RecreateDefpol.EX. The link for it
    > >> is
    > >> below and be sure to read the instructions and warnings. That is what I
    > >> would try. You may however want to post in the Active Directory newsgroup
    > >> to
    > >> see if they have any further suggestions or alternatives. --- Steve
    > >>
    > >> http://www.microsoft.com/downloads/details.aspx?FamilyID=b5b685ae-b7dd-4bb5-ab2a-976d6873129d&displaylang=en
    > >>
    > >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    > >> news:68CA3690-3D4C-4899-9AEA-0A5CCAE1F21B@microsoft.com...
    > >> > Hi Steven
    > >> >
    > >> > Thanks for your reply. Actually we checked for that policy which u
    > >> > mentioned
    > >> > previously. Actually we dint find that policy in the Domain Controllers
    > >> > Sysvol folder. If we try to change the settings of Default Domain
    > >> > Policy
    > >> > properties also its saying u cannot access that file. We ran GPOTool
    > >> > also.
    > >> > It
    > >> > has given some errors on this Default Domain Policy. I am sending that
    > >> > report
    > >> > with this mail. Pls look into it and give me the suggestion on this. Is
    > >> > it
    > >> > possible to create that Domain Default Policy. If its possible pls give
    > >> > me
    > >> > the clear procedure for that. Waiting for your reply. Pls find the GPO
    > >> > Report.
    > >> > This is the report we got it when we ran GPOTool.
    > >> >
    > >> > Domain: sprosys.com
    > >> > Validating DCs...
    > >> > spro.sprosys.com: OK
    > >> > softpro.sprosys.com: OK
    > >> > Available DCs:
    > >> > spro.sprosys.com
    > >> > softpro.sprosys.com
    > >> > Searching for policies...
    > >> > Found 7 policies
    > >> > ============================================================
    > >> > Policy {0196EEA9-48D4-480E-8961-2E5E2C35D891}
    > >> > Policy OK
    > >> > Details:
    > >> > ------------------------------------------------------------
    > >> > DC: spro.sprosys.com
    > >> > Friendly name: AccountTracking
    > >> > Created: 4/26/2005 6:22:38 AM
    > >> > Changed: 4/28/2005 10:05:15 AM
    > >> > DS version: 0(user) 0(machine)
    > >> > Sysvol version: 0(user) 0(machine)
    > >> > Flags: 0
    > >> > User extensions: not found
    > >> > Machine extensions: not found
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ------------------------------------------------------------
    > >> > DC: softpro.sprosys.com
    > >> > Friendly name: AccountTracking
    > >> > Created: 4/26/2005 6:22:38 AM
    > >> > Changed: 4/28/2005 10:01:39 AM
    > >> > DS version: 0(user) 0(machine)
    > >> > Sysvol version: 0(user) 0(machine)
    > >> > Flags: 0
    > >> > User extensions: not found
    > >> > Machine extensions: not found
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ============================================================
    > >> > Policy {07DDE52B-4D39-4007-BB66-B37887143BE7}
    > >> > Policy OK
    > >> > Details:
    > >> > ------------------------------------------------------------
    > >> > DC: spro.sprosys.com
    > >> > Friendly name: Terminal
    > >> > Created: 2/28/2005 2:24:50 PM
    > >> > Changed: 4/28/2005 10:05:15 AM
    > >> > DS version: 33(user) 3(machine)
    > >> > Sysvol version: 33(user) 3(machine)
    > >> > Flags: 0
    > >> > User extensions:
    > >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > >> > Machine extensions:
    > >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ------------------------------------------------------------
    > >> > DC: softpro.sprosys.com
    > >> > Friendly name: Terminal
    > >> > Created: 2/28/2005 2:24:50 PM
    > >> > Changed: 4/28/2005 10:01:29 AM
    > >> > DS version: 33(user) 3(machine)
    > >> > Sysvol version: 33(user) 3(machine)
    > >> > Flags: 0
    > >> > User extensions:
    > >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > >> > Machine extensions:
    > >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ============================================================
    > >> > Policy {277C0E32-FC88-483F-BD63-EDA7DBA00770}
    > >> > Policy OK
    > >> > Details:
    > >> > ------------------------------------------------------------
    > >> > DC: spro.sprosys.com
    > >> > Friendly name: Terminal
    > >> > Created: 2/28/2005 2:23:24 PM
    > >> > Changed: 4/28/2005 10:05:15 AM
    > >> > DS version: 0(user) 0(machine)
    > >> > Sysvol version: 0(user) 0(machine)
    > >> > Flags: 0
    > >> > User extensions: not found
    > >> > Machine extensions: not found
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ------------------------------------------------------------
    > >> > DC: softpro.sprosys.com
    > >> > Friendly name: Terminal
    > >> > Created: 2/28/2005 2:23:24 PM
    > >> > Changed: 4/28/2005 10:01:22 AM
    > >> > DS version: 0(user) 0(machine)
    > >> > Sysvol version: 0(user) 0(machine)
    > >> > Flags: 0
    > >> > User extensions: not found
    > >> > Machine extensions: not found
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ============================================================
    > >> > Policy {31B2F340-016D-11D2-945F-00C04FB984F9}
    > >> > Error: Cannot access
    > >> > \\spro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    > >> > error 2
    > >> > Error: Cannot access
    > >> > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    > >> > error 2
    > >> > Details:
    > >> > ------------------------------------------------------------
    > >> > DC: spro.sprosys.com
    > >> > Friendly name: Default Domain Policy
    > >> > Created: 10/12/2004 4:37:20 PM
    > >> > Changed: 4/30/2005 7:28:50 AM
    > >> > DS version: 1(user) 3(machine)
    > >> > Sysvol version: not found
    > >> > Flags: 0
    > >> > User extensions:
    > >> > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    > >> > Machine extensions:
    > >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ------------------------------------------------------------
    > >> > DC: softpro.sprosys.com
    > >> > Friendly name: Default Domain Policy
    > >> > Created: 10/12/2004 4:37:20 PM
    > >> > Changed: 4/30/2005 7:29:56 AM
    > >> > DS version: 1(user) 3(machine)
    > >> > Sysvol version: not found
    > >> > Flags: 0
    > >> > User extensions:
    > >> > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    > >> > Machine extensions:
    > >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ============================================================
    > >> > Policy {5176A5A6-48DD-4A96-8405-A815C10B7EA8}
    > >> > Policy OK
    > >> > Details:
    > >> > ------------------------------------------------------------
    > >> > DC: spro.sprosys.com
    > >> > Friendly name: terminal
    > >> > Created: 2/28/2005 12:22:15 PM
    > >> > Changed: 4/28/2005 10:05:15 AM
    > >> > DS version: 1(user) 0(machine)
    > >> > Sysvol version: 1(user) 0(machine)
    > >> > Flags: 0
    > >> > User extensions:
    > >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > >> > Machine extensions: not found
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ------------------------------------------------------------
    > >> > DC: softpro.sprosys.com
    > >> > Friendly name: terminal
    > >> > Created: 2/28/2005 12:22:15 PM
    > >> > Changed: 4/28/2005 10:01:08 AM
    > >> > DS version: 1(user) 0(machine)
    > >> > Sysvol version: 1(user) 0(machine)
    > >> > Flags: 0
    > >> > User extensions:
    > >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    > >> > Machine extensions: not found
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ============================================================
    > >> > Policy {6AC1786C-016F-11D2-945F-00C04FB984F9}
    > >> > Error: Cannot access
    > >> > \\spro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    > >> > error 2
    > >> > Error: Cannot access
    > >> > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    > >> > error 2
    > >> > Details:
    > >> > ------------------------------------------------------------
    > >> > DC: spro.sprosys.com
    > >> > Friendly name: Default Domain Controllers Policy
    > >> > Created: 10/12/2004 4:37:20 PM
    > >> > Changed: 4/28/2005 10:05:15 AM
    > >> > DS version: 0(user) 4(machine)
    > >> > Sysvol version: not found
    > >> > Flags: 0
    > >> > User extensions: not found
    > >> > Machine extensions:
    > >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ------------------------------------------------------------
    > >> > DC: softpro.sprosys.com
    > >> > Friendly name: Default Domain Controllers Policy
    > >> > Created: 10/12/2004 4:37:20 PM
    > >> > Changed: 4/28/2005 10:01:01 AM
    > >> > DS version: 0(user) 4(machine)
    > >> > Sysvol version: not found
    > >> > Flags: 0
    > >> > User extensions: not found
    > >> > Machine extensions:
    > >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ============================================================
    > >> > Policy {E3668F2C-D789-4A77-822D-DEABB4B9A657}
    > >> > Policy OK
    > >> > Details:
    > >> > ------------------------------------------------------------
    > >> > DC: spro.sprosys.com
    > >> > Friendly name: New Group Policy Object
    > >> > Created: 4/27/2005 3:54:32 AM
    > >> > Changed: 4/28/2005 10:05:15 AM
    > >> > DS version: 0(user) 34(machine)
    > >> > Sysvol version: 0(user) 34(machine)
    > >> > Flags: 0
    > >> > User extensions: not found
    > >> > Machine extensions:
    > >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> > ------------------------------------------------------------
    > >> > DC: softpro.sprosys.com
    > >> > Friendly name: New Group Policy Object
    > >> > Created: 4/27/2005 3:54:32 AM
    > >> > Changed: 4/28/2005 10:00:51 AM
    > >> > DS version: 0(user) 34(machine)
    > >> > Sysvol version: 0(user) 34(machine)
    > >> > Flags: 0
    > >> > User extensions: not found
    > >> > Machine extensions:
    > >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    > >> > Functionality version: 2
    > >> > ------------------------------------------------------------
    > >> >
    > >> > Errors found
    > >> >
    > >> > Thanks and Regards
  9. Archived from groups: microsoft.public.win2000.security (More info?)

    Excellent. Glad to help and thanks for posting back your results! --- Steve


    "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    news:CA4A5484-DC6D-45FD-A4EA-D01DFBE5F376@microsoft.com...
    > Hi Steve
    >
    > Thanks for your reply. Actually we tried with a new test domain. Then we
    > tried with this tool., It worked fine. I got that Security Policies back.
    > Then i installed it on our main DC. Nothing wrong happned. We got our
    > Defualt
    > Domain Policy back. But we need to apply some policies then, we need to
    > check
    > these are applying or not. Let see.. Anyhave we really very thank ful to u
    > Mr.Steven that u have spent lot of time on our problem. Thank you very
    > much.
    > i will get back to you soon.
    >
    > Varadarajam.
    >
    > "Steven L Umbach" wrote:
    >
    >> Microsoft advices the use of RecreateDefpol.EXE as a last resort option.
    >> I
    >> have tested it in a test domain and for me it worked fine. What you could
    >> do
    >> is to make a current System State backup and then try RecreateDefpol.EXE.
    >> If
    >> some sort of problem arises you could always restore that System State
    >> backup and you will at least be back to where you are now. If you have a
    >> test network with a domain controller or can whip one up, try
    >> RecreateDefpol.EXE so you can know what to expect from it. --- Steve
    >>
    >>
    >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    >> news:BCCFCC9E-2360-4272-AAFE-442DF5DC43C7@microsoft.com...
    >> > Hi steve
    >> >
    >> > Thanks for ur response. Actually we dont wanna do Authrotative Restore.
    >> > Because we dont know when the problem has started. We have made lot of
    >> > changes recently in our DC like creation of users and other share and
    >> > Security permissions. If we go for authoratative restore everything
    >> > what
    >> > we
    >> > have done recently we will lose.
    >> > About that tool which is specified by you, How much is safety is there?
    >> > Plase advise me which is the best way to restore our Default Domain
    >> > Policies... Waiting for your reply.
    >> >
    >> > Thanks and Regards
    >> > Varadarajam.
    >> >
    >> > "Steven L Umbach" wrote:
    >> >
    >> >> Well it certainly looks like you have a problem with the two default
    >> >> policies for domain and domain controller. One solution could be to an
    >> >> authoritative restore of Active Directory from a System State backup
    >> >> from
    >> >> a
    >> >> time before this problem occurred. if it is a fairly recent problem
    >> >> then
    >> >> that may be a good solution assuming you have the System State
    >> >> backups.
    >> >> Another possibility that I can think of is to use a free tool from
    >> >> Microsoft
    >> >> to rebuild those two policies called RecreateDefpol.EX. The link for
    >> >> it
    >> >> is
    >> >> below and be sure to read the instructions and warnings. That is what
    >> >> I
    >> >> would try. You may however want to post in the Active Directory
    >> >> newsgroup
    >> >> to
    >> >> see if they have any further suggestions or alternatives. --- Steve
    >> >>
    >> >> http://www.microsoft.com/downloads/details.aspx?FamilyID=b5b685ae-b7dd-4bb5-ab2a-976d6873129d&displaylang=en
    >> >>
    >> >> "Varadarajam" <Varadarajam@discussions.microsoft.com> wrote in message
    >> >> news:68CA3690-3D4C-4899-9AEA-0A5CCAE1F21B@microsoft.com...
    >> >> > Hi Steven
    >> >> >
    >> >> > Thanks for your reply. Actually we checked for that policy which u
    >> >> > mentioned
    >> >> > previously. Actually we dint find that policy in the Domain
    >> >> > Controllers
    >> >> > Sysvol folder. If we try to change the settings of Default Domain
    >> >> > Policy
    >> >> > properties also its saying u cannot access that file. We ran GPOTool
    >> >> > also.
    >> >> > It
    >> >> > has given some errors on this Default Domain Policy. I am sending
    >> >> > that
    >> >> > report
    >> >> > with this mail. Pls look into it and give me the suggestion on this.
    >> >> > Is
    >> >> > it
    >> >> > possible to create that Domain Default Policy. If its possible pls
    >> >> > give
    >> >> > me
    >> >> > the clear procedure for that. Waiting for your reply. Pls find the
    >> >> > GPO
    >> >> > Report.
    >> >> > This is the report we got it when we ran GPOTool.
    >> >> >
    >> >> > Domain: sprosys.com
    >> >> > Validating DCs...
    >> >> > spro.sprosys.com: OK
    >> >> > softpro.sprosys.com: OK
    >> >> > Available DCs:
    >> >> > spro.sprosys.com
    >> >> > softpro.sprosys.com
    >> >> > Searching for policies...
    >> >> > Found 7 policies
    >> >> > ============================================================
    >> >> > Policy {0196EEA9-48D4-480E-8961-2E5E2C35D891}
    >> >> > Policy OK
    >> >> > Details:
    >> >> > ------------------------------------------------------------
    >> >> > DC: spro.sprosys.com
    >> >> > Friendly name: AccountTracking
    >> >> > Created: 4/26/2005 6:22:38 AM
    >> >> > Changed: 4/28/2005 10:05:15 AM
    >> >> > DS version: 0(user) 0(machine)
    >> >> > Sysvol version: 0(user) 0(machine)
    >> >> > Flags: 0
    >> >> > User extensions: not found
    >> >> > Machine extensions: not found
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ------------------------------------------------------------
    >> >> > DC: softpro.sprosys.com
    >> >> > Friendly name: AccountTracking
    >> >> > Created: 4/26/2005 6:22:38 AM
    >> >> > Changed: 4/28/2005 10:01:39 AM
    >> >> > DS version: 0(user) 0(machine)
    >> >> > Sysvol version: 0(user) 0(machine)
    >> >> > Flags: 0
    >> >> > User extensions: not found
    >> >> > Machine extensions: not found
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ============================================================
    >> >> > Policy {07DDE52B-4D39-4007-BB66-B37887143BE7}
    >> >> > Policy OK
    >> >> > Details:
    >> >> > ------------------------------------------------------------
    >> >> > DC: spro.sprosys.com
    >> >> > Friendly name: Terminal
    >> >> > Created: 2/28/2005 2:24:50 PM
    >> >> > Changed: 4/28/2005 10:05:15 AM
    >> >> > DS version: 33(user) 3(machine)
    >> >> > Sysvol version: 33(user) 3(machine)
    >> >> > Flags: 0
    >> >> > User extensions:
    >> >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    >> >> > Machine extensions:
    >> >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ------------------------------------------------------------
    >> >> > DC: softpro.sprosys.com
    >> >> > Friendly name: Terminal
    >> >> > Created: 2/28/2005 2:24:50 PM
    >> >> > Changed: 4/28/2005 10:01:29 AM
    >> >> > DS version: 33(user) 3(machine)
    >> >> > Sysvol version: 33(user) 3(machine)
    >> >> > Flags: 0
    >> >> > User extensions:
    >> >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    >> >> > Machine extensions:
    >> >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}]
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ============================================================
    >> >> > Policy {277C0E32-FC88-483F-BD63-EDA7DBA00770}
    >> >> > Policy OK
    >> >> > Details:
    >> >> > ------------------------------------------------------------
    >> >> > DC: spro.sprosys.com
    >> >> > Friendly name: Terminal
    >> >> > Created: 2/28/2005 2:23:24 PM
    >> >> > Changed: 4/28/2005 10:05:15 AM
    >> >> > DS version: 0(user) 0(machine)
    >> >> > Sysvol version: 0(user) 0(machine)
    >> >> > Flags: 0
    >> >> > User extensions: not found
    >> >> > Machine extensions: not found
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ------------------------------------------------------------
    >> >> > DC: softpro.sprosys.com
    >> >> > Friendly name: Terminal
    >> >> > Created: 2/28/2005 2:23:24 PM
    >> >> > Changed: 4/28/2005 10:01:22 AM
    >> >> > DS version: 0(user) 0(machine)
    >> >> > Sysvol version: 0(user) 0(machine)
    >> >> > Flags: 0
    >> >> > User extensions: not found
    >> >> > Machine extensions: not found
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ============================================================
    >> >> > Policy {31B2F340-016D-11D2-945F-00C04FB984F9}
    >> >> > Error: Cannot access
    >> >> > \\spro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    >> >> > error 2
    >> >> > Error: Cannot access
    >> >> > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{31B2F340-016D-11D2-945F-00C04FB984F9},
    >> >> > error 2
    >> >> > Details:
    >> >> > ------------------------------------------------------------
    >> >> > DC: spro.sprosys.com
    >> >> > Friendly name: Default Domain Policy
    >> >> > Created: 10/12/2004 4:37:20 PM
    >> >> > Changed: 4/30/2005 7:28:50 AM
    >> >> > DS version: 1(user) 3(machine)
    >> >> > Sysvol version: not found
    >> >> > Flags: 0
    >> >> > User extensions:
    >> >> > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    >> >> > Machine extensions:
    >> >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ------------------------------------------------------------
    >> >> > DC: softpro.sprosys.com
    >> >> > Friendly name: Default Domain Policy
    >> >> > Created: 10/12/2004 4:37:20 PM
    >> >> > Changed: 4/30/2005 7:29:56 AM
    >> >> > DS version: 1(user) 3(machine)
    >> >> > Sysvol version: not found
    >> >> > Flags: 0
    >> >> > User extensions:
    >> >> > [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
    >> >> > Machine extensions:
    >> >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ============================================================
    >> >> > Policy {5176A5A6-48DD-4A96-8405-A815C10B7EA8}
    >> >> > Policy OK
    >> >> > Details:
    >> >> > ------------------------------------------------------------
    >> >> > DC: spro.sprosys.com
    >> >> > Friendly name: terminal
    >> >> > Created: 2/28/2005 12:22:15 PM
    >> >> > Changed: 4/28/2005 10:05:15 AM
    >> >> > DS version: 1(user) 0(machine)
    >> >> > Sysvol version: 1(user) 0(machine)
    >> >> > Flags: 0
    >> >> > User extensions:
    >> >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    >> >> > Machine extensions: not found
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ------------------------------------------------------------
    >> >> > DC: softpro.sprosys.com
    >> >> > Friendly name: terminal
    >> >> > Created: 2/28/2005 12:22:15 PM
    >> >> > Changed: 4/28/2005 10:01:08 AM
    >> >> > DS version: 1(user) 0(machine)
    >> >> > Sysvol version: 1(user) 0(machine)
    >> >> > Flags: 0
    >> >> > User extensions:
    >> >> > [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
    >> >> > Machine extensions: not found
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ============================================================
    >> >> > Policy {6AC1786C-016F-11D2-945F-00C04FB984F9}
    >> >> > Error: Cannot access
    >> >> > \\spro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    >> >> > error 2
    >> >> > Error: Cannot access
    >> >> > \\softpro.sprosys.com\sysvol\sprosys.com\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9},
    >> >> > error 2
    >> >> > Details:
    >> >> > ------------------------------------------------------------
    >> >> > DC: spro.sprosys.com
    >> >> > Friendly name: Default Domain Controllers Policy
    >> >> > Created: 10/12/2004 4:37:20 PM
    >> >> > Changed: 4/28/2005 10:05:15 AM
    >> >> > DS version: 0(user) 4(machine)
    >> >> > Sysvol version: not found
    >> >> > Flags: 0
    >> >> > User extensions: not found
    >> >> > Machine extensions:
    >> >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ------------------------------------------------------------
    >> >> > DC: softpro.sprosys.com
    >> >> > Friendly name: Default Domain Controllers Policy
    >> >> > Created: 10/12/2004 4:37:20 PM
    >> >> > Changed: 4/28/2005 10:01:01 AM
    >> >> > DS version: 0(user) 4(machine)
    >> >> > Sysvol version: not found
    >> >> > Flags: 0
    >> >> > User extensions: not found
    >> >> > Machine extensions:
    >> >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ============================================================
    >> >> > Policy {E3668F2C-D789-4A77-822D-DEABB4B9A657}
    >> >> > Policy OK
    >> >> > Details:
    >> >> > ------------------------------------------------------------
    >> >> > DC: spro.sprosys.com
    >> >> > Friendly name: New Group Policy Object
    >> >> > Created: 4/27/2005 3:54:32 AM
    >> >> > Changed: 4/28/2005 10:05:15 AM
    >> >> > DS version: 0(user) 34(machine)
    >> >> > Sysvol version: 0(user) 34(machine)
    >> >> > Flags: 0
    >> >> > User extensions: not found
    >> >> > Machine extensions:
    >> >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> > ------------------------------------------------------------
    >> >> > DC: softpro.sprosys.com
    >> >> > Friendly name: New Group Policy Object
    >> >> > Created: 4/27/2005 3:54:32 AM
    >> >> > Changed: 4/28/2005 10:00:51 AM
    >> >> > DS version: 0(user) 34(machine)
    >> >> > Sysvol version: 0(user) 34(machine)
    >> >> > Flags: 0
    >> >> > User extensions: not found
    >> >> > Machine extensions:
    >> >> > [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
    >> >> > Functionality version: 2
    >> >> > ------------------------------------------------------------
    >> >> >
    >> >> > Errors found
    >> >> >
    >> >> > Thanks and Regards
Ask a new question

Read More

Policy Security Domain Windows