مشکل در گروپ پالیسی بعد از سیز کردن
درود
من یک دامین کنترل 2008 داشتم مشکل داشت هنگ میکرد خود به خود ریسیت میشد و بعضی وقتا دی ان اس هم کار نمیکرد.دامین خیلی قدیمی و مربوط به بیش از 8 سال پیش هست
یه ویندوز سرور 2016 به عنوان ادیشینال اوردم بالا ولی فیزمو رول ها منتقل نمیشدند(فقط یکیش منتقل شد) و من مجبور شدم سیز کردم الان 5 تا رول روی دامین کنترلر جدید هستند
مشکلی که دارم توی گروپ پالیسی ارور میده و من متوجه نشدم باید چیکار کنم
19 پاسخ
برای Disable کردن یوزر اکانت از کنسول AD U&C باید اقدام کنید نه Group Policy.
سلام
اون سه تا موردی که خودش گفته رو چک کردین؟
من یادم میاد سرور یک مجموعه ای رو باج افزار زده بود و من مجبور شدم مثل شما ادیشنال بسازم و سرور رو انتقال بدم و اونجا هم برای تنظیمات گروپ پالیسی همین مشکل و پیغام میومد بعد که دقت کردم دیدم وقتی 5تا رول رو انتقال میدیم ، از سرور قبلی یک سری فایل به سرور جدید انتقال پیدا میکنه (که این موضوع رو از انتقال فایلهایی با پسوند باج افزار به سرور جدید متوجه شدم)
احتمالا فایلهای مشکل دار سرور قدیمی به سرور جدید منتقل شده و این مشکلات رو بوجود آورده
مشکل اپدیت گروپ پالیسی حل شد ولی دیاگ همچنان مثل قبل هست
و تا االان به مشکلی برنخوردم
ممنونم مهندس کریمپور
ارور Replication توی خروجی دستور مشاهده میشه. این نشون میده دامین کنترلر قدیمی رو به درستی Demote نکردید. Metadata Cleanup رو توی سرور 2016 اجرا کنید تا اثرات باقی مونده از دامین کنترلر قدیمی پاک بشه. لینک زیر رو ببینید.
حذف کامل Domain Controller های از مدار خارج شده
نکته : زمانیکه دامین کنترلر شما سالم هست و داره فعالیت می کنه نیازی نیست که Seize اش کنید کافیه FSMO Role ها را به دامین کنترلر جدید انتقال بدید. Seize کردن واسه زمانی هست که دامین کنترلرتون خاموش هست و کلا خراب شده ( اصلا منهدم شده ! ) و شما در این حالت باید وارد DC جدید بشید و FSMO هارو Seize کنید و Metadata های باقی مونده از DC قدیمی و از مدار خارج شده رو از روی DC جدید پاک کنید.
زمانیکه Metadata Cleanup رو اجرا می کنید دامین کنترلر قدیمی تون Demote میشه از روی دامین کنترلر جدید. وقتی شما Seize می کنید Role ها رو شما باید از روش Metadata Cleanup برای Demote کردن DC قدیمی استفاده کنید. چون که همونطوری که گفتم Seize کردن برای زمانی هست که DC قدیمی از مدار خارج شده و بهش دیگه دسترسی ندارید تا Restore اش کنید. این کاری که برای انتقال FSMO Role ها انجام دادین از همون اول اشتباه بود. حالا باید شما DC قدیمی رو Demote کنید و دیگه برش نگردونید به مدار و خاموش نگهش دارید. همیشه بخاطر داشته باشید که دامین کنترلری که Seize شده دیگه نباید به مدار برگرده. بعد از اینکه این کار رو انجام دادین DC جدید دیگه نمیتونه DC قدیمی رو ببینه.
مجبور شدیم کل دومین رو مجدد راه اندازی کنیم
لطفا خروجی دستور dcdiag رو اینجا بزارید.
فقط برای تست پالیسی ست کردم
تعداد کاراکتر های رمز از 8 تا گذاشتم 6 تا
الان رمز کاربرا هم ریسیت کردم اوکی هست کار میکنه
همین یک دونه دارم.قبلی خاموش کردم
چه Policy ای رو ایجاد کردین ؟
چند تا DC رو توی شبکه دارین ؟ بغیر از سرور 2016 ؟
PS C:\Users\administrator.ERP> dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = ADDC
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ADDC
Starting test: Connectivity
......................... ADDC passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ADDC
Starting test: Advertising
......................... ADDC passed test Advertising
Starting test: FrsEvent
......................... ADDC passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
replication problems may cause Group Policy problems.
......................... ADDC failed test DFSREvent
Starting test: SysVolCheck
......................... ADDC passed test SysVolCheck
Starting test: KccEvent
......................... ADDC passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... ADDC passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... ADDC passed test MachineAccount
Starting test: NCSecDesc
......................... ADDC passed test NCSecDesc
Starting test: NetLogons
......................... ADDC passed test NetLogons
Starting test: ObjectsReplicated
......................... ADDC passed test ObjectsReplicated
Starting test: Replications
[Replications Check,ADDC] A recent replication attempt failed:
From VISIONDC to ADDC
Naming Context: DC=ForestDnsZones,DC=erp,DC=persianvision,DC=com
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2019-01-04 00:50:14.
The last success occurred at 2019-01-03 12:02:36.
14 failures have occurred since the last success.
[VISIONDC] DsBindWithSpnEx() failed with error -2146893022,
The target principal name is incorrect..
[Replications Check,ADDC] A recent replication attempt failed:
From VISIONDC to ADDC
Naming Context: DC=DomainDnsZones,DC=erp,DC=persianvision,DC=com
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2019-01-04 00:50:14.
The last success occurred at 2019-01-03 12:02:36.
14 failures have occurred since the last success.
[Replications Check,ADDC] A recent replication attempt failed:
From VISIONDC to ADDC
Naming Context: CN=Schema,CN=Configuration,DC=erp,DC=persianvision,DC=com
The replication generated an error (-2146893022):
The target principal name is incorrect.
The failure occurred at 2019-01-04 00:50:14.
The last success occurred at 2019-01-03 12:02:36.
14 failures have occurred since the last success.
[Replications Check,ADDC] A recent replication attempt failed:
From VISIONDC to ADDC
Naming Context: CN=Configuration,DC=erp,DC=persianvision,DC=com
The replication generated an error (-2146893022):
The target principal name is incorrect.
The failure occurred at 2019-01-04 00:50:14.
The last success occurred at 2019-01-03 12:02:36.
14 failures have occurred since the last success.
[Replications Check,ADDC] A recent replication attempt failed:
From VISIONDC to ADDC
Naming Context: DC=erp,DC=persianvision,DC=com
The replication generated an error (-2146893022):
The target principal name is incorrect.
The failure occurred at 2019-01-04 00:50:14.
The last success occurred at 2019-01-03 12:02:36.
14 failures have occurred since the last success.
......................... ADDC failed test Replications
Starting test: RidManager
......................... ADDC passed test RidManager
Starting test: Services
......................... ADDC passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:04:02
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:09:02
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:14:02
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:19:02
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:24:02
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:29:03
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:34:03
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:39:03
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:44:03
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x40000004
Time Generated: 01042019 00:44:52
Event String:
The Kerberos client received a KRBAPERR_MODIFIED error from the server addc$. The target name used was ERP
\VISIONDC$. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur wh
en the target server principal name (SPN) is registered on an account other than the account the target service is using
. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the tar
get service account password is different than what is configured on the Kerberos Key Distribution Center for that targe
t service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server
name is not fully qualified, and the target domain (ERP.PERSIANVISION.COM) is different from the client domain (ERP.PER
SIANVISION.COM), check if there are identically named server accounts in these two domains, or use the fully-qualified n
ame to identify the server.
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:49:03
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x40000004
Time Generated: 01042019 00:50:14
Event String:
The Kerberos client received a KRBAPERR_MODIFIED error from the server addc$. The target name used was E35
14235-4B06-11D1-AB04-00C04FC2DCD2b68d6162-7e18-4aac-a252-ce5fe48d5859erp.persianvision.com@erp.persianvision.com. This
indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target se
rver principal name (SPN) is registered on an account other than the account the target service is using. Ensure that th
e target SPN is only registered on the account used by the server. This error can also happen if the target service acco
unt password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensur
e that the service on the server and the KDC are both configured to use the same password. If the server name is not ful
ly qualified, and the target domain (ERP.PERSIANVISION.COM) is different from the client domain (ERP.PERSIANVISION.COM),
check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify
the server.
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:54:03
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 00:59:03
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp
.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successf
ul. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caus
ed by one or more of the following:
An error event occurred. EventID: 0x40000004
Time Generated: 01042019 01:00:38
Event String:
The Kerberos client received a KRBAPERR_MODIFIED error from the server addc$. The target name used was LDA
P/b68d6162-7e18-4aac-a252-ce5fe48d5859._msdcs.erp.persianvision.com. This indicates that the target server failed to dec
rypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an a
ccount other than the account the target service is using. Ensure that the target SPN is only registered on the account
used by the server. This error can also happen if the target service account password is different than what is configur
ed on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC ar
e both configured to use the same password. If the server name is not fully qualified, and the target domain (ERP.PERSIA
NVISION.COM) is different from the client domain (ERP.PERSIANVISION.COM), check if there are identically named server ac
counts in these two domains, or use the fully-qualified name to identify the server.
......................... ADDC failed test SystemLog
Starting test: VerifyReferences
......................... ADDC passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : erp
Starting test: CheckSDRefDom
......................... erp passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... erp passed test CrossRefValidation
Running enterprise tests on : erp.persianvision.com
Starting test: LocatorCheck
......................... erp.persianvision.com passed test LocatorCheck
Starting test: Intersite
......................... erp.persianvision.com passed test Intersite
PS C:\Users\administrator.ERP>
یادم رفت بگم که اون رول هایی که منتقل میشه در پوشه SYSVOL و NETLOGON قرار داره که از سرور قدیمی به سرور جدید منتقل میشه...
کارایی که گفته شده بود توی لینک انجام دادم
و این هم خروجی دستور dcdiag هست
C:\Users\administrator.ERP>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = ADDC
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ADDC
Starting test: Connectivity
......................... ADDC passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ADDC
Starting test: Advertising
......................... ADDC passed test Advertising
Starting test: FrsEvent
......................... ADDC passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may
cause Group Policy problems.
......................... ADDC failed test DFSREvent
Starting test: SysVolCheck
......................... ADDC passed test SysVolCheck
Starting test: KccEvent
......................... ADDC passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... ADDC passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... ADDC passed test MachineAccount
Starting test: NCSecDesc
......................... ADDC passed test NCSecDesc
Starting test: NetLogons
......................... ADDC passed test NetLogons
Starting test: ObjectsReplicated
......................... ADDC passed test ObjectsReplicated
Starting test: Replications
......................... ADDC passed test Replications
Starting test: RidManager
......................... ADDC passed test RidManager
Starting test: Services
......................... ADDC passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 02:59:07
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:04:07
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:09:07
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:14:07
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:19:07
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:24:07
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:29:07
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:34:08
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:39:08
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:44:08
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x40000004
Time Generated: 01042019 03:44:53
Event String:
The Kerberos client received a KRBAPERR_MODIFIED error from the server addc$. The target name used was ERP\VISIONDC$. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (ERP.PERSIANVISION.COM) is different from the client domain (ERP.PERSIANVISION.COM), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:49:08
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:54:08
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01042019 03:54:55
Event String:
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
......................... ADDC failed test SystemLog
Starting test: VerifyReferences
......................... ADDC passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : erp
Starting test: CheckSDRefDom
......................... erp passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... erp passed test CrossRefValidation
Running enterprise tests on : erp.persianvision.com
Starting test: LocatorCheck
......................... erp.persianvision.com passed test LocatorCheck
Starting test: Intersite
......................... erp.persianvision.com passed test Intersite
C:\Users\administrator.ERP>
میدونم مهندس
اونو گفتم که بدونین سریع Replicate داشتن بدون هیچ مشکل یا تاخیری
الان من چطور میتونم دامین رو تست کنم که مشکلی نداره ؟یوزرها لاگین میکنن مشکلی ندارن
ولی فردا روز کاری مشخص میشه و من میخوام قبلش تست کنم
بعد از سیز 5 تا رول کاری دیگه باید انجام بشه؟
من دامین کنترلر قبلی خاموش کردم و ایپیشو دادم به این جدیده
دامین کنترلر قدیمی رو روشن کنید و Demote کنید. حالا DC قدیمی رو خاموش کنید بعد در DC جدید وارد کنسول Active Directory Sites and Services بشید و چک ببینید دامین کنترلر قدیمی تون در قسمت Servers وجود داره یا خیر. اگه بود حذفش کنید. وارد کنسول مدیریتی DNS بشید و تمام رکورد های باقی مونده از DC قدیمی رو پاک کنید. در آخر نرم افزار CCleaner رو روی DC جدید اجرا کنید و سرور رو پاکسازی کنید و کلید های رجیستری معیوب رو تعمیر کنید. سرور رو Restart کنید و دوباره تست کنید.
دستور زیر رو اجرا کنید و خروجی رو اینجا بزارید :
netdom query fsmo
دستور gpupdate رو روی دامین کنترلر اجرا نمی کنن دوست عزیز بلکه روی سیستم های کلاینت اجرا می کنن. الان دلیل اینکه دستور gpupdate /force رو روی دامین کنترلر اجرا کردید چی هست ؟ Policy ساختین ؟
قبل از اینکه بصورت کامل Migrate کنید به ویندوز سرور 2016 این دو سرور با هم به درستی Replicate میکردن ؟
الان من کارایی که توی لینک بود انجام دادم ولی ارور هست
ممنونم رسول جان و مهندس کریمپور
رسول جان الان چیکار کنم؟
اره من یک یوزر غیرفعال کردم توی دامین دیگه زیر 1 ثانیه اعمال شده بود
الان مجبور شدم یک دامین کنترل تازه داشته باشم.قبلی اذیتم میکرد
و میخواستم مطمعن بشم که همه چیز کار میکنه.
همه ی خط های ارور مربوط به این هست
The processing of Group Policy failed. Windows attempted to read the file \\erp.persianvision.com\sysvol\erp.persianvision.com\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may
و توی همه اش تکرار شده
رول ها منتقل نمیشد مجبور شدم سیز کنم
من قبلی هم خاموش کردم و دیموت نکردم برای پشتیبانی نگه داشتم
الان میتونم فقط با متادیتا کلین اپ مشکلم حل کنم؟