If you force a Group Policy update, you may get an "LDAP Bind function call failed" error on Windows 10 and Windows Server 2012/2016/2019. You may also be unable to access the Sysvol/Netlogon shares and see other authentication failure errors.
Running gpupdate /force returns the error below:
Updating policy
“Computer policy could not be updated successfully. The following errors were encountered:
The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.
User Policy could not be updated successfully. The following errors were encountered:
You also get Event ID 1058, Event ID 7017, Event ID 7000, Event ID 7326 and Event ID 1006 in the server event log.
This might be due to UNC (Universal Naming Convention) Hardened Access configured through Group Policy.
Configuring UNC Hardening through Group Policy
- Open gpedit.msc
- Select Computer – Administrative Templates – Network – Network Provider – Hardened UNC Paths
- Enable the policy and click the “Show” button to enter more details
- Enter \\*\SYSVOL as the value name
- And enter the following text: “RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0”
- Do the same for the netlogon share
- Enter \\*\NETLOGON as the value name
- And enter the following text: “RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0”
- Close gpedit
Restart the system and try again. If you still have an issue after the policy configuration, you can also try the same setting in the registry.
You can also try to disjoin the machine from the domain and rejoin it; that might fix the issue.
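To see which Hardened UNC Paths values are actually in effect before and after the change, the added example below (not from the original page) reads them from the registry and splits each entry into its three flags, so a path with mutual authentication, integrity or privacy set to 0 is visible at a glance. It assumes the policy stores its entries under `HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths`; the function names are hypothetical.

```powershell
# Added example (not from the original page): read-only audit of Hardened UNC Paths.
$HardenedKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths'
$KnownFlags  = 'RequireMutualAuthentication', 'RequireIntegrity', 'RequirePrivacy'

function ConvertFrom-HardenedPathData {
    # Parse "Flag=0,Flag=1,..." into an ordered table; flags not present stay $null.
    param([string]$Data)
    $flags = [ordered]@{}
    foreach ($f in $KnownFlags) { $flags[$f] = $null }
    foreach ($pair in ($Data -split ',')) {
        $name, $value = $pair.Trim() -split '=', 2
        if ($KnownFlags -contains $name) { $flags[$name] = "$value".Trim() }
    }
    $flags
}

function Get-HardenedUncPath {
    # Returns one object per configured UNC pattern, or nothing if the policy is unset.
    if (-not (Test-Path -LiteralPath $HardenedKey)) { return }
    $regKey = Get-Item -LiteralPath $HardenedKey
    # Value names such as \\*\SYSVOL contain '*', so enumerate them through the
    # RegistryKey object instead of passing them to a wildcard-aware -Name parameter.
    foreach ($valueName in $regKey.GetValueNames()) {
        $data  = [string]$regKey.GetValue($valueName)
        $flags = ConvertFrom-HardenedPathData $data
        [pscustomobject]@{
            UncPath    = $valueName
            MutualAuth = $flags['RequireMutualAuthentication']
            Integrity  = $flags['RequireIntegrity']
            Privacy    = $flags['RequirePrivacy']
            Raw        = $data
        }
    }
}

# Constructed sample: the value string from the steps above, parsed offline.
$sample = 'RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0'
ConvertFrom-HardenedPathData $sample | Format-Table -AutoSize

# Live check on the affected machine; this only reads the registry.
Get-HardenedUncPath | Format-Table -AutoSize
```

If the live check returns nothing, no Hardened UNC Paths entries are configured by policy on that machine.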