I thought i would share my experiences with an issue that has been highlighted with Windows 10 and its operation while joined to a domain.

 

The issue is basically group policy objects fail to run, and it is due to UNC path hardening that has been enabled in Windows 10.

 

 The links below show more about the issue.

 

https://community.spiceworks.com/topic/1119601-windows-10-group-policy-issue?page=1

 

https://community.spiceworks.com/topic/1389891-windows-10-and-sysvol-netlogon

 

 Basically the clients log a 1058 error in the system log (not able to talk to a DC to get the policy) and an issue exists when trying to access the \\172.16.0.1\netlogon share (it asks for username and password) whereas \\dc1\netlogon works fine.

 

It all has to do with UNC hardening that was introduced by Microsoft to Windows 10 in the early builds, they said they would re-visit it in the latest (November build) but it has not been fixed.

 

The current workaround is shown as this in the forums:

 

Local Computer Policy>Computer Configuration>Administrative Templates>Network>Network Provider>Hardened UNC Paths to Enabled and click into the Show button enter the following Values

 

\\*\NETLOGON and \\*\SYSVOL both with the following values RequireMutualAuthentication=0, RequireIntegrity=0

 

There is a technet forum thread on the issue and hopefully it will be updated with a hotfix once it is released:

 

https://social.technet.microsoft.com/Forums/en-US/6a20e3f6-728a-4aa9-831a-6133f446ea08/gpos-do-not-apply-on-windows-10-enterprise-x64?forum=winserverGP

 

Hope this helps anyone who is looking at putting Windows 10 into their production environment.