I know this is more of an Active Directory/GPO question, but, going to post it here and see if anyone has come across a similar experience.
We were troubleshooting a pool earlier, where, at a very high rate, our VMs were not applying the UEM GPO. For whatever reason, it was only this one pool of 500 (we have 3000 VMs total), and even in this pool, it wasn't every time. Very hit or miss.
When digging through the event viewer, we came across this error exactly on the problem desktops:
http://itcalls.blogspot.com/2014/09/event-1096-processing-of-group-policy.html
These VMs were created on August 11th. We have a locally set limit of 90 days before the computer account password can expire, so that wasn't it. We tried linking it to refreshes, but again, hit or miss. Meaning I could refresh a desktop, sometimes it would be ok, sometimes not. Frustrating that we can't spot anything consistently linked, other than the pool itself. Which means perhaps the parent? But we don't know what to really look for. Our parent is built off the domain, and joining the domain is handled via QuickPrep.
We did delete the pool outright, and all computer accounts, and thus far our testing has gone well, 19 out of 20 logins show UEM properly working. Of course, there's ONE to keep us annoyed. Has anyone seen issues similar to this? I'll be happy to talk to my Domain guy about it, but, I just need a bit more ammo.
Thanks in advance.
Hi epa80,
You might need a GPODev, ADDev, or HorizonDev instead of me :-), but here are a few thoughts:
Thanks for the reply. And yeah, I don't think this has anything to do with UEM, I posted it here though just because I thought with UEM so reliant on GPO running properly, maybe some mother UEM customer has come across this type of issue. In truth though, any VDI environment reliant on GPOs would see it.
Just this morning I logged into our pool we believe is having the issue, and again saw the issue. Some further testing showed another pool having the issue. The commonality of these 2 pools is they exist in the same VDI cluster of hosts. So now we're at that level, cluster. Another pool we tested in a separate cluster, we couldn't get the issue to happen.
So, on the VM it happened on today, this is the screenshot of the error in event viewer, and the text from the details tab is below that. You'll see that the error happened at 8:28AM. I didn't login through View onto the VM until about 8:55AM. Our working theory right now goes something like this:
So we're at a bit of a loss. Any input is appreciated.
+ System
- Provider
[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {AEA1B4FA-97D1-45F2-A64C-4D69FFFD92C9}
EventID 1096
Version 0
Level 2
Task 0
Opcode 1
Keywords 0x8000000000000000
- TimeCreated
[ SystemTime] 2017-09-13T12:28:34.256250000Z
EventRecordID 45808
- Correlation
[ ActivityID] {8ECF79A7-CAD3-4787-BF63-A1AFA9B125C4}
- Execution
[ ProcessID] 112
[ ThreadID] 1320
Channel System
Computer REDACTED
- Security
[ UserID] S-1-5-18
- EventData
SupportInfo1 2
SupportInfo2 1254
ProcessingMode 1
ProcessingTimeInMilliseconds 3188
ErrorCode 64
ErrorDescription The specified network name is no longer available.
DCName \\domain.controller.fqdn
GPOCNName LDAP://CN=Machine,cn={DE16CA21-9FDB-4B20-8FED-DC8297247855},cn=policies,cn=system,DC=rdacted,DC=redacted,DC=redacted
FilePath \\domain\sysvol\domain\Policies\{DE16CA21-9FDB-4B20-8FED-DC8297247855}\Machine\registry.pol
ErrorDescription The specified network name is no longer available also seems to point to some networking issue, but I'm afraid I have no ideas for further troubleshooting.
You could of course configure UEM in NoAD mode so you're not dependent on GPO, but it's probably better to get your infrastructure issues sorted first ![]()
