The processing of Group Policy failed, Event ID 1058

Error message The processing of Group Policy failed, Event ID 1058 occurs in Windows Server, when the OS is not able to read the file from a domain controller. The Group Policy service reads the information from Active Directory and the sysvol share located on a domain controller. However, the absence of network connectivity or permission issue prevents Group Policy from applying to the user or computer.

Processing of Group Policy failed Event ID 1058

The error message could look like

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1058
Date:
Time:
User:  NT AUTHORITY\SYSTEM
Computer: TWC-ASH-Post01
Description:
Windows cannot access the file gpt.ini for GPO cn={18C553C9-0D15-4A3A-9C68-60DCD8CA1538},cn=policies,cn=system,DC=LBR,DC=CO,DC=ZA. The file must be present at the location <PATH>. (Access is denied.). Group Policy processing aborted.

The processing of Group Policy failed, Event ID 1058

If you read the Event log, it will be apparent that since the service was not able to read the policy, it wasn’t able to apply. The good news is that its only a temporary issue. Apart from the network issue, it can also because of file resolution service latency and DSF client being disabled.

When checking the logs, if you check under Details tab of the error message in Event Viewer, any of these error codes could be present – Error code 3, Error code 5 and Error code 53. Follow these suggestionso resolve the problem.

  1. The system cannot find the path specified—Error code 3
  2. Access is denied—Error code 5
  3. The network path was not found—Error code 53

After any of these methods, if you need to troubleshoot network, check out our Network troubleshooting guide.

1] The system cannot find the path specified – Error code 3

It occurs when the DFS client is not running on the client computer because it cannot find the path specified in the event. To test client connectivity to the domain controller’s sysvol:

  1. Find the domain controller name available in the details of the error event.
  2. Check if the failure happened during user or computer processing
    • User policy processing: The User field of the event will show a valid user name
    • Computer policy processing: the User field will show “SYSTEM.”
  3. Next, you need to compose a full network path to the gpt.ini. The format should be as \\<dcName>\SYSVOL\<domain>\Policies\<guid>\gpt.ini. All this will be available in the event log.
    • <dcName> : Name of the domain controller
    • <domain> : It’s the name of the domain,
    • <guid>: It’s the GUID of the policy folder.

Done that, verify you can read gpt.ini using the full network path which you constructed in the above step. You can do it from the Command Prompt or the run Windows. Make sure to try it with the user or computer whose credentials previously failed.

2] Access is denied – Error code 5

If the error code is 5, then its a permission issue. When the user or computer does not have the appropriate permissions to access the path specified in the event. The resolution is simple, ensure the user or computer has the permission.

Log off and reboot the computer, and then Log on the computer with the domain credentials previously used. If it doesn’t work, make sure to assign the permission from the domain controller.

3] The network path was not found – Error code 53

Error Code 53 means that the computer is not able to resolve the name in the provided network path. You will need to use the same computer or user to check if you can manually access the network path.

  1. Identify the domain controller used by the computer available in the Error event
  2. Next,connect to netlogon share on the domain i.e. try to access the path directly  \\<dcName>\netlogon. where <dcName> is the name of the domain controller in the error event.
  3. If the path doesn’t resolve, then there is an issue with the path which needs correction. If you are sure that the path is correct, then check with permission.

Post this; you need to verify if everything is fine. The best way is to run the gpudate command in the Run prompt. When the gpupdate command completes, open the Event Viewer to check if the error still exists.

Posted by on , in Category Windows with Tags
Ashish is a veteran Windows, and Xbox user who excels in writing tips, tricks, and features on it to improve your day to day experience with your devices.