GPO Update failed with LDAP Bind function call failed error on Windows Server 2016/2019/2012 and Windows 10

By | June 6, 2019

If you are forcing GPO Update then you will get LDAP Bind function call failed error on Windows 10 and Windows Server 2012/2016/2019 and also can’t access Sysvol/Netlogon share and also getting other authentication failure errors

Also Read: Group policy is not applying/working after patching (GPO Permission issues)

Getting below error on gpupdate /force 

Updating policy

“Computer policy could not be updated successfully. The following errors were encountered:
The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.
User Policy could not be updated successfully. The following errors were encountered:

You also get Event ID: 1058, Event ID: 7017, Event ID: 7000, Event ID: 7326 and Event ID: 1006 on server event log

Also Read: Windows Server 2019 Features

This might be due to UNC ( Universal Naming Convention) Hardened Access through Group Policy

Configuring UNC Hardening through Group Policy

  • Open gpedit.msc
  • Select Computer – Administrative Templates – Network – Network Provider – Hardened UNC Paths
  • Enable the policy and click “Show” button to Enter more details
  •  \\*\SYSVOL in to value name
  • And enter the folowing text “RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0”
  • Do the same for netlogon share
  • \\*\NETLOGON in to value name
  • And enter the folowing text “RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0”
  • Close gpedit

Restart the system and try again, you can also try the same setting on the registry if you have an issue after the policy configuration

Also Read: Difference between Windows server 2016 and 2019

you can also try to dis-join and re-join to the domain, that might fix the issue

Also Read: Windows Group Policy Interview Questions and Answers

Leave a Reply

Your email address will not be published. Required fields are marked *