Home
  •  

Registry Processing Monitor

Microsoft.Windows.GroupPolicy.2008.RegistryCSE.GroupPolicyRegistryProcessing.System.Correctaregistryextensionfailure.EventBased.UnitMonitor (UnitMonitor)

Knowledge Base article:

Summary

Registry Processing

The Registry client-side extension is responsible for writing and removing registry keys and values from the client's registry during Group Policy processing.

Resolutions

Correct a registry extension failure

The Registry client-side extension failed to read the registry.pol file from the Group Policy template location. The registry.pol file contains registry policy settings. This file may be missing, inaccessible, or corrupt.

Possible resolutions include:

Element properties:

TargetMicrosoft.Windows.GroupPolicy.2008.RegistryCSE
Parent MonitorSystem.Health.AvailabilityState
CategoryStateCollection
EnabledTrue
Alert GenerateTrue
Alert SeverityMatchMonitorHealth
Alert PriorityNormal
Alert Auto ResolveTrue
Monitor TypeMicrosoft.Windows.SingleEventLogManualReset2StateMonitorType
RemotableTrue
AccessibilityPublic
Alert Message
Group Policy Registry Processing Alert
{0}
RunAsDefault

Source Code:

<UnitMonitor ID="Microsoft.Windows.GroupPolicy.2008.RegistryCSE.GroupPolicyRegistryProcessing.System.Correctaregistryextensionfailure.EventBased.UnitMonitor" Accessibility="Public" Enabled="onEssentialMonitoring" Target="Microsoft.Windows.GroupPolicy.2008.RegistryCSE" ParentMonitorID="SystemHealth!System.Health.AvailabilityState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.SingleEventLogManualReset2StateMonitorType" ConfirmDelivery="true">

  <Category>StateCollection</Category>

  <AlertSettings AlertMessage="Microsoft.Windows.GroupPolicy.2008.RegistryCSE.GroupPolicyRegistryProcessing.System.Correctaregistryextensionfailure.EventBased.UnitMonitor.AlertMessage">

    <AlertOnState>Error</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>MatchMonitorHealth</AlertSeverity>

    <AlertParameters>

      <AlertParameter1>$Data/Context/EventDescription$</AlertParameter1>

    </AlertParameters>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="ManualReset" MonitorTypeStateID="ManualResetEventRaised" HealthState="Success"/>

    <OperationalState ID="NegativeHealthState" MonitorTypeStateID="EventRaised" HealthState="Error"/>

  </OperationalStates>

  <Configuration>

    <ComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

    <LogName>System</LogName>

    <Expression>

      <And>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery>PublisherName</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value>Microsoft-Windows-GroupPolicy</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery>EventDisplayNumber</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value>1096</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

      </And>

    </Expression>

  </Configuration>

</UnitMonitor>