Event ID 1097 — Group Policy Preprocessing (Security)

Applies To: Windows Server 2008

Group Policy preprocessing uses security to act on behalf of the computer or user. Incorrect permissions or security failures can prevent Group Policy from applying to the computer or user.

Event Details

Resolve

Correct computer authentication

Domain computers authenticate to the domain as do domain users. Windows requires the computer to log on before it can apply Group Policy to the computer.

Possible resolutions include: 

• Verify that the time on the computer is synchronized with the time on the domain controller. Account for time zone misconfigurations if the computer is configured in a time zone different from domain controller. A time difference greater than five minutes between the computer and the domain controller may lead to the computer failing to authenticate with the domain. Force time synchronization against time service using command w32tm /resync.
• Restart the computer

Verify

Group Policy applies during computer startup and user logon. Afterward, Group Policy applies every 90 to 120 minutes. Events appearing in the event log may not reflect the most current state of Group Policy. Therefore, you should always refresh Group Policy to determine if Group Policy is working correctly.

To refresh Group Policy on a specific computer:

1. Open the Start menu. Click All Programs and then click Accessories.
2. Click Command Prompt.
3. In the command prompt window, type gpupdate and then press ENTER.
4. When the gpupdate command completes, open the Event Viewer.

Group Policy is working correctly if the last Group Policy event to appear in the System event log has one of the following event IDs:

• 1500
• 1501
• 1502
• 1503

Related Management Information

Group Policy Preprocessing (Security)

Group Policy Infrastructure