Forum Discussion
Solved
Domain controller, 2 sites 4 servers - network configuration issues - GPO not replicating
I have an issue with our 4 DC's which have an legacy network config that I can't resolve to get GPO replication correctly. AD and DNS all show as replicating OK, but GPO is out of sync most of the t...
- Always good to check things out like that, 15 minutes is the inter-site replication between the sites and the lowest value you can configure in Sites and Services. So, that seems good and now the ACL's on the Group Policy folders like the sceenshot you posted. I have seen this before in the past, it listed a double Domain Admins group on it giving the ACL error.
icacls.exe \\dc02\sysvol\xxxxx.nl\Policies\{69085595-7CB7-43E8-B0B9-088DA92A8AE4} /remove:g "yyyyy\Domain Admins"
icacls.exe \\dc02\sysvol\xxxxx\Policies\{69085595-7CB7-43E8-B0B9-088DA92A8AE4} /grant "yyyyy\Domain Admins":(OI)(CI)(F)
( Got that from https://social.microsoft.com/Forums/security/en-US/f16b0af1-8772-4f96-a9ac-fac47943e8e9/sysvol-permissions-for-one-or-more-gpo-are-not-in-sync?forum=ws2016 )
Could you give us some more information?
