Group Policy Error 1096 – Microsoft-Windows-GroupPolicy cannot be found

2017-12-11T16:20:55+00:00 June 26th, 2013|Azure, Cloud|

We recently had an issue where a user was unable to pull down new group policy, the RSOP showed  an error: “AD / SYSVOL Version Mismatch” however it seemed to only be affecting one user so this was misleading.  A manual “gpupdate /force” command also resulted in an error.  After checking the event log I came across the following error:

The description for Event ID 1096 from source Microsoft-Windows-GroupPolicy cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.

The following information was included with the event:

2
1240
0
594
0

The operation completed successfully.

<PDC>.domain.local

LocalGPO

C:windowsSystem32GroupPolicyMachineregistry.pol

The handle is invalid

I located the file and found that it was 0Kb – clearly not right!  I removed the file and rebooted, after the reboot I could see that the file was now 19Kb and Group Policy now successfully applied.  It seems the file had become corrupt and could not be overwritten until it was removed.