I have been trying to get the company I am currently working for up to snuff on thier active directory implementation, unfortunately I have hit a bit of a snag.
I was modifying their default domain policy (which had never been edited before) and found computers were selective in picking it up. Some took it fine while others would not apply the Computer Settings. The PCs not taking it, when doing a gpupdate /Force, say it completed successfully. Running a gpresult /v only shows the results for the user successfully, the Computer Configuration is not even generated.
On ONE user computer (Windows 7) I found it's gpresult was referencing a server that does not exist here, apparently it WAS a domain controller taken offline. I don't see any references to the old DC in DNS or DHCP, neither is it set as a DC in AD. Running gpresult on the user's Windows 7 PC shows it is referencing this old DC server. I removed it from the domain changed the name and rejoined, it still seems to reference this DC. Deleting the registry settings for history for this PC give me this after a grresult
COMPUTER SETTINGS
Last time Group Policy was applied: 5/1/2013 at 10:21:51 AM
Group Policy was applied from: N/A
Group Policy slow link threshold: 500 kbps
Domain Name: EDV-AD-001
Domain Type: <Local Computer>
it now is looking at itself as the computer setting?
The USER Setting pulled from the correct server… What should I do next?
Best Answer
Probably it is still existing somewhere in the deeps of the ADS.
MS has a KB entry about removing such dead domain controllers.
http://support.microsoft.com/kb/216498/en-us