MCITP 70-640: Group Policy Replication

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

in this video from IT free training I will look at how group policy is replicated understanding how group policy is replicated will help you troubleshoot problems with group policy later on when group policy is not being applied as expected in your domain before I look at the systems that are used to replicate group policy in the domain I will first look at the group policy object you may wonder why Microsoft decided to call a single group policy a group policy object or GPL the reason for this is that each group policy object is made up of two parts these are the group policy container and the group policy template the group policy container or GPC is essentially an active directory object and thus is stored in the Active Directory database the group policy template or GPT is a collection of files and thus cannot be stored in Active Directory for this reason it is instead stored in the sysvol folder the sysvol folder is present on all domain controllers and is replicated to other domain controllers in the domain thus what is referred to as a group policy object is an object in Active Directory and the files located in the sysvol folder this also means that both parts of a single group policy are replicated using different replication systems the active directory object is replicated using Active Directory replication the same way that a user or computer account would be replicated the files for the group policy object are replicated using file replication surface or distributed file system replication distributed file system replication is only available on Windows Server 2008 the question then arises could these two systems become out of sync with each other the answer to this is yes they can if replication is working correctly on your network then sync related problems should be rare and only happen for a short period of time while replication is occurring if you notice that you are experiencing problems checked for replication problems in the Event Viewer and used tools like rep admin I will now change to my Windows Server 2008 r2 domain controller to see how to check if group policy in Active Directory and the sysvol folder are in sync first of all I will open group policy management from Administrative Tools under the Start menu in this case I will have a look at the default domain policy to see the current replication status select the details tab on this tab you can see the version information for user configuration to the right of this you can see that the active directory version is - and the sysvol version is also - under this is the computer configuration version which is set to 9 for both active directory and the sysvol as long as both version numbers are the same group policy is in sync under this you can see the unique ID for this group policy this is used to reference the group policy object in Active Directory in the sysvol folder and the Active Directory database to put all this together I will now open the sysvol folder and navigate into my domain the files for the group policy for this domain are stored in the policies folder here you can see all the group policies for this domain found in folders named after their unique ID I will now open the folder that contains the default domain policy the file that I am interested in is the GPT dot Amy file in this file you can see the version number for this group policy is listed the number may seem a little high considering user configuration had two revisions and computer configuration had nine revisions if I copy this number to the clipboard and then open windows calculator from the Start menu notice that when I paste this number into windows calculator and select the option for hexadecimal I now see the version numbers two and nine essentially the version number is a 32-bit value that is divided into two halves the first half or 16 bits is the user configuration version and the last 16 bits is the computer configuration version this cut the file side of group policy to look at the database part I will open Active Directory users and computers from the Start menu to see Group Policy in Active Directory users and computers I need to select the View menu and make sure that the option advanced features is ticked Group Policy can be found under system in the policies folder once again I will need to find the folder with the same unique ID for the default domain policy once I find this folder I will open the properties for it in the properties select the attribute editor and scroll down to version number notice this version is the same number as the number that was in group policy management this should give you an understanding of how a group policy object is stored it is beyond the scope of this video to go into troubleshooting version problems with group policy however if you are having problems with Group Policy and notice the version numbers between the active directory and the sysvol are different this should give you an idea what to troubleshoot thanks for watching this free video on group policy replication only one of the free videos for the group policy course part of the Active Directory course if you want to receive the latest video consider subscribing to our YouTube channel thanks and see you next time

Info

Channel: itfreetraining

Views: 39,765

Rating: undefined out of 5

Keywords: Group Policy Replication, Active Directory, 70-640, MCITP, MCTS, ITFreeTraining

Id: vZny67GRbJQ

Channel Id: undefined

Length: 6min 10sec (370 seconds)

Published: Sun Jan 27 2013