During the process of adding a Windows Server 2008 R2 Domain Controller to my Windows Server 2003 Active Directory Domain, I began receiving error messages in the event log regarding Group Policy Processing.
Log Name: System
Date: 11/1/2011 9:44:51 AM
Event ID: 1006
Task Category: None
The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.
I also would receive the following message when using the Group Policy Results Wizard in the Group Policy Management Console.
Group Policy Infrastructure failed due to the error listed below.
Logon failure: unknown user name or bad password.
Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available.
Additional information may have been logged. Review the Policy Events tab in the console or the application event log for events between 11/1/2011 10:59:04 AM and 11/1/2011 10:59:07 AM.
I tried the Microsoft Knowledge-base Article KB939820. Basically, this provided me with a hotfix to install on my Windows Server 2003 Domain Controllers. However, this did not resolve my problem.
So I did some further searching and came across Clint Boessen’s Blog. This described my problem perfectly and the solution was as simple as can be.
Ensure the hosts file on the Domain Controller does not contain any entries referring to itself.
After correcting the hosts file, I was able to perform a gpupdate and all the errors were cleared in both the event viewer and the Group Policy Results Wizard.