There appears to be a weird issue where in the April 2018 release of Windows 10 group policy fails to refresh the user part of the group policy. Instead you get the message below
Computer Policy update has completed successfully.
User Policy could not be updated successfully. The following errors were encountered:
The processing of Group Policy failed. Windows could not determine if the user and computer accounts are in the same forest. Ensure the user domain name matches the name of a trusted domain that resides in the same forest as the computer account.
To diagnose the failure, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.
This is caused by the netlogon service not running (and being set to manual?!). To resolve the issue you need to do the following:
- Press Win + R on the keyboard to open the run window
- Type in services.msc and click run
- Scroll down and look for Netlogon, if the status is not Running, then that’s why you’re getting this issue
- Double-Click on Netlogon and change the Startup Type to Automatic and click the Start button
- Once the service is running, click the OK button
- Now try running gpupdate again
If you have a large number of computers running Windows 10 and want to fix them all you can make this change using group policy. To do so carry out the following in an appropriate Policy object
- Start Group Policy Management on a Domain controller
- Select the appropriate group policy
- Select Computer Configuration > Preferences > Windows Settings > Services
- Add a new service and use the following settings
- Startup: Automatic
- Service Name: Netlogon (you can pick from the list)
- Service Action: Start Service
- You can also set the service to restart on failure by going to the Recovery tab
- Click OK
All going well this should resolve the group policy issue. If this helped you please let me know!