Event ID 14003 — Wired Network (IEEE 802.3) Policies Application

  • Article

Applies To: Windows Server 2008

Wired Network (IEEE 802.3) Policies is applied to all Institute of Electrical and Electronics Engineers (IEEE) 802.3 Ethernet Local Area Connections on the computer. Wired Network (IEEE 802.3) Policies, Group Policy, and client-side extensions are used to configure IEEE 802.1X authenticaton settings and network connectivity settings. Wired Network (IEEE 802.3) Policies specifies the settings that enable domain member clients to connect to IEEE 802.3 Ethernet networks by using 802.1X authenticating switches.

Event Details

Product: Windows Operating System
ID: 14003
Source: Microsoft-Windows-LanGPA
Version: 6.0
Symbolic Name: GPNotApplied
Message: A %1 Wired Group Policy couldn't be applied to your computer.

Wired Group Policy Name: %2%3
Reason Code: %4

Resolve

Import a valid profile and reapply Wired Network (IEEE 802.3) Policies

Wired Network (IEEE 802.3) Policies is not applied

For computers already configured with Wired Network (IEEE 802.3) Policies, Group Policy is applied for the Wired AutoConfig service when the computer is started, and whenever an updated policy is downloaded. If Group Policy is updated on the server while the computer is turned off, the last known policy (which might be stale) is immediately applied when the computer is started. If the 802.1X settings on the computer authorize the computer for network access, updated policies are downloaded and applied when the computer connects to the network, prior to user authentication. If 802.1X settings on the computer cannot authorize computer network access at startup, then application of updated policies occurs immediately after user authentication.

This event is typically a result of win32 errors. This event is generated if the win32 reason code is returned when the Wired Network (IEEE 802.3) Policies component calls win32 APIs. If the Wired Network (IEEE 802.3) Policies are not applied, the wired network profile does not conform to the schema, and therefore is invalid.

To determine if the wired network profile is invalid:

  1. Click Start, click All Programs, and then click Accessories.
  2. Click Command Prompt, and then press ENTER.
  3. At the command prompt, type netsh lan show profile
  4. If the output of the command returns a response indicating that "the profile does not conform to the schema," use the section named "Correcting Wired Network (IEEE 802.3) Policies is not applied" to resolve the issue.

Correcting Wired Network (IEEE 802.3) Policies is not applied

Correction for this error involves a three-step process:

  1. Log on to a computer that has a valid profile. Use the netsh lan export profile command to save the valid profile to portable media, such as a universal serial bus (USB) flash drive. "Use the section, named "Export a valid profile", to export the profile so that it can be imported onto another computer."
  2. Log on to the computer that has the invalid profile, connect the portable media with the valid profile, then use the netsh lan add profile command to overwrite the invalid profile with the valid profile. "Use the section, named "Import a valid profile", to import the profile onto another computer."
  3. On the computer with the updated profile, run the gpupdate command to refresh Group Policy settings. "Use the section, named "Run the gpupdate command to refresh Group Policy", to refresh the computers Group Policy settings."

The following procedures provide the series of instructions required to complete the three-step corrective process.

  • To perform these procedures, you must be logged on by using a local computer Administrator account, or you must have been delegated the appropriate authority. If you are not logged on using an account that belongs to the Administrators group, you must be able to supply administrator credentials, in order to run the command prompt as administrator.
  • For more information, see the complete Netsh Commands for Wired Local Area Network (LAN) on the Web at https://go.microsoft.com/fwlink/?LinkId=81754.

Export a valid profile

  1. Log on to the computer that has a valid profile, click Start, click All Programs, and then click Accessories.
  2. Right-click Command Prompt, and then click Run as administrator, to run the command prompt as administrator.
  3. At the command prompt, type netsh, press ENTER, type lan, and then press ENTER.
  4. Run the netsh lan export profile command as follows:

Netsh lan "export profile" syntax:

  • export profile folder=PathAndFileName [[interface=]InterfaceName]

Netsh lan "export profile" example:

  • export profile folder="c:\Users\user\Documents\profile1.xml" interface="Local Area Connection"

Parameters

  • folder Required. Specifies the path and file name for the profile XML file.
  • interface Optional. Specifies the name of the interface on which the profile is configured.

Remarks

  • The folder parameter must specify an existing folder that is accessible from the local computer.
  • The path can be either an absolute path or relative path to the current working directory. In addition, "." refers to the current working directory, and ".." refers to the parent directory of the current working directory.
  • The folder name cannot be a Universal Naming Convention (UNC) path.
  • If the interface parameter is specified, only the specified profile associated with that interface is exported. Otherwise all profiles on the computer with the specified name are exported.
  • Profiles of specified interfaces are saved in the format "InterfaceName ProfileName.xml." Profiles at the computer level are saved in the file name format "ProfileName.xml."
  • There is wildcard support for this parameter. You can use the characters ? and * to replace a letter and letters of the interface name, respectively.

Import a profile

  1. Log on to the computer that has the invalid profile, click Start, click All Programs, and then click Accessories.
  2. Right-click Command Prompt, and then click Run as administrator, to run the command prompt as administrator.
  3. At the command prompt, type netsh, press ENTER, type lan, and then press ENTER.
  4. Run the netsh lan add profile command as follows:

Netsh lan "add profile" syntax:

  • add profile filename=PathAndProfileName interface=InterfaceName

Netsh lan "add profile" example:

  • add profile filename="C:\Users\WiredUser\Documents\profile1.xml" interface="Local Area Connection"

Parameters

  • filename Required. Specifies the path and name of the XML file containing the profile data.
  • interface Required. Specifies the name of the interface on which the profile will be set.

Remarks

  • The interface parameter specifies one of the interface names shown by the netsh lan show interface command.
  • The profile will be added to the specified interface.
  • There is wildcard support for this parameter. You can use the characters ? and * to replace a letter and letters of the interface name, respectively.

Run the gpupdate command to refresh Group Policy

  1. On the computer that imported the new profile, click Start, click All Programs, and then click Accessories.
  2. Right-click Command Prompt, and then click Run as administrator, to run the command prompt as administrator.
  3. At the command prompt, type gpupdate, and then press ENTER.
  4. Ensure that the output of the command says "User Policy update has completed successfully" and "Computer Policy update has completed successfully".

Verify

There are two methods to verify that Wired Network (IEEE 802.3) Policies are applied on the domain member client:

  • Check for applied Wired Network (IEEE 802.3) Policies by using Resultant Set of Policy
  • Check for applied Wired Network (IEEE 802.3) Policies by using the netsh lan command

To perform these procedures, you must be logged on by using a local computer Administrator account, or you must have been delegated the appropriate authority. If you are not logged on using an account that belongs to the Administrators group, you must be able to supply administrator credentials, in order to run the command prompt as administrator.

For more information, see the complete Netsh Commands for Wired Local Area Network (LAN) on the Web at https://go.microsoft.com/fwlink/?LinkId=81754.

Check for applied Wired Network (IEEE 802.3) Policies by using Resultant Set of Policy:

  1. Click Start, click All Programs, and then click Accessories.
  2. Right-click Command Prompt, and then click Run as administrator, to run the command prompt as administrator.
  3. At the command prompt, type rsop.msc, to open the Resultant Set of Policy Microsoft Management Console (MMC) snap-in.
  4. In Computer Configuration, open Windows Settings, open Security Settings, and then select Wired Network (IEEE 802.3) Policies.
  5. If a policy is displayed in the details pane, then Wired Network (IEEE 802.3) Policies is applied on the computer.

Check for applied Wired Network (IEEE 802.3) Policies by using the netsh lan command

  1. Click Start, click All Programs, and then click Accessories.
  2. Click Command Prompt, and then do one of the following:
    • At the command prompt, type netsh lan show profile to list the profiles.
    • At the command prompt, type netsh lan show profile ProfileName (where ProfileName is the name of the wired profile specified in Wired Network (IEEE 802.3) Policies) to display the profile settings.
  3. If the command returns results indicating that settings are configured by Group Policy, then Wired Network (IEEE 802.3) Policies is applied on the computer.

Wired Network (IEEE 802.3) Policies Application

Networking