IP security policy missing?

[Jonesy]

I have a brand new server loaded with windows 2003/exchange 2003. I
stumbled onto this problem when testing, and am hoping I can fix without
reloading.

Whenever I go to through either Group Policy Object Editor or just add the
IP Security Policies on the Local Machine the following error is returned:
IP Security Policy Management: The IPSec policy storage container could not
be opened. The following error occurred: The system cannot find the file
specified. (80070002).

I have a couple of other win2003 servers that don't experience this. Is
there any way to repair this? Thanks.

 

[Tim Springston \(MSFT\)]

Hi Jonesy-

It sounds like the actual policy files for that GPO (in the SYSVOL) may be
missing. Is this machine a domain controller then?

If you go into the properties of the group policy you're seeing the problem
with it will display the GUID of that policy. You can use this GUID to
locate the policy in the SYSVOL.

%systemroot%\SYSVOL\SYSVOL\<domainname>\Policies\<GPO GUID>

You can then give a quick look to verify that the files appear there, just
as an overview, and possibly compare the contents to the same location on a
working DC.

 

[JD]

Hello, thanks for the reply. However, this machine is not a DC.

 

[Tim Springston \(MSFT\)]

Are the machines that are seeing this error processing all group policy
correctly? For example, what does the result of RSOP or GPRESULT say?

 

[Jonesy]

Sorry, this is the local security policy we are talking about, and nothing
has been changed since installing the OS. Nothing seems out of the ordinary
when running RSOP or GPRESULT.... I was hoping I could just replace the
file it was looking for, or import the stuff it needs from another box, but
there is no export option. I can however, go to a different win2003 server
and export it's settings to a file - there is just no way to import them on
the box that needs them.

Would booting to the Windows CD and running a repair take care of this
maybe?