GPO

  • GPO

    GPO reset and finding the CSEs installed on a client

    Run the commands below from a command prompt to reset the GPO policies on the client machine. A restart is required for the change to take effect.

        reg delete HKEY_LOCAL_MACHINE\Software\Policies\Microsoft /f
        reg delete HKEY_CURRENT_USER\Software\Policies\Microsoft /f
        reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects" /f
        reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies /f

    To list all CSEs installed on the machine (PowerShell):

        Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\*" | ft "(default)", PSChildName

    To see the properties of a given CSE, for example Chrome:

        Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\*" | where { $_.'(default)' -like "Chrome*" }

  • GPO

    GPO – Event ID 1085

    Event ID 1085

    Check in ADSIEdit.msc and clear the Gpc for machine and user from the respective GPO.

    After referring to lots of articles and lots of research, it was just a small problem. I opened ADSIEDIT.msc and did as below.

    1. Expand the first folder (domain).
    2. Next, go to CN=SYSTEM and expand it.
    3. Go to CN=Policies and expand it.
    4. Right-click each policy folder, click Properties, search for gPCFileSysPath, press Edit and add the server name before the domain name. I did this for the remaining policy folders.

    For example: \\DCName.DomainName.local\sysvol\DomainName.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}

    And I logged off and logged in on one of the member servers and found…

  • GPO

    To reset your Default Domain Policy and/or Default Domain Controllers Policy GPO to their default settings, perform the following steps:

    1. Log on as a Domain Administrator to a Domain Controller.
    2. Open an elevated command prompt.
    3. Enter the parameter to reset:
        dcgpofix /target:Domain to reset the Domain GPO.
        dcgpofix /target:DC to reset the Default DC GPO.
        dcgpofix /target:both to reset both the Domain and Default DC GPOs.
    4. After you enter the appropriate command in Step 3, enter Y to both prompts.
    5. Close the command window.

    For additional information on the dcgpofix command, refer to the Microsoft TechNet website.

    Though not as widespread, problems can occur if you have edited a machine’s Local Security Policy. This policy can also be reset…

  • GPO

    GPO – How to Read a Userenv Log

    Note that Userenv logging per this article does not work on any version of Windows Vista or Windows Server 2008. It works only on Windows 2000, 2003 or XP.

    Open Regedit on the problem computer and drill down to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon. Create a REG_DWORD value named UserEnvDebugLevel, then set it to 0x10002 in hexadecimal. The value is not case sensitive.

    Logging starts immediately to the Userenv.log file located in the %SystemRoot%\Debug\UserMode folder (no reboot or restart of services is required). If the Userenv.log file is larger than 300 KB, the file is renamed Userenv.bak, and a new Userenv.log file is created. This action occurs when a user logs on locally or by using Terminal Services,…

  • GPO

    GPO – more about Userenv log

    Userenv Logging

    When you enable userenv logging, you can perform debug logging of the user profile and the system policy processes. Userenv log files also contain information about the status of each Group Policy extension, such as Application Deployment, Security, and Folder Redirection. Userenv log files reveal what is occurring in the background as a user logs on.

    Userenv log files are especially useful because they can be used to troubleshoot Windows 2000 operating systems, in which you cannot use Resultant Set of Policy (RSoP). In addition, if Active Directory replication is not working, RSoP will not work, leaving userenv log files as the only troubleshooting option. RSoP also…

  • GPO

    GPO enable user environment debug logging

    If Userenv debug logging is enabled as per KB 221833, the userenv.log file will include the following:

      - Slow link detection
      - Machine Group Policy Application
      - Processes and applications which start up as part of Userinit.exe (this includes most Startup items)
      - Machine startup and shutdown scripts
      - Profile loading or unloading at user login/logoff
      - User Group Policy Application
      - Internet Explorer GPO processing
      - User login and logoff scripts
      - Firewall rules processing for Windows Firewall

    Use Registry Editor to add or to modify the following registry entry:

        Subkey:     HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
        Entry:      UserEnvDebugLevel
        Type:       REG_DWORD
        Value data: 10002 (Hexadecimal)

    UserEnvDebugLevel can have the following values:

        NONE      0x00000000
        NORMAL    0x00000001
        VERBOSE   0x00000002
        LOGFILE   0x00010000
        DEBUGGER  0x00020000

    The default value is NORMAL|LOGFILE (0x00010001).

    Note: To disable logging, select NONE (0x00000000). You…

  • GPO

    WMI filters

    This article describes the following:

      - What is WMI?
      - Creating WMI filters
      - Generate WMI code
      - More than 30 GPO WMI filtering examples
      - Testing WMI filters

    What is WMI?

    WMI is a uniform way to gain access to system or administrative information in a database-like way. The most common syntax of a WMI query is:

        SELECT [property] from [wmi class]

    Creating WMI filters

    You create a WMI filter with the following steps:

    1. Start Group Policy Management Console and connect to the domain.
    2. Right-click WMI Filters and choose New.
    3. Enter a title and description for the filter and click Add.
    4. Enter the query and click OK.
    5. Repeat steps 3 and 4…

  • GPO

    GROUP POLICY SYSVOL

    What is Sysvol?

    Sysvol is a special folder located in the C:\Windows\SYSVOL directory on all domain controllers within the domain. This folder contains the domain’s Group Policy settings, default profiles, and logon/logoff/startup/shutdown scripts.

    When a user logs in to a client machine, the machine pulls all the Group Policy settings and login scripts available in its local DC’s SYSVOL folder. For this reason, the folder is kept replicated between the domain controllers, using either DFS-R (Distributed File System Replication Service) or the primitive FRS (File Replication Service).

    The Sysvol directory can be accessed using \\domain-name\SYSVOL or \\DC-name\SYSVOL.

    Contents of SYSVOL

    If you access the location C:\Windows\SYSVOL, you will see 4 folders – domain,…