Group Policy Wont update on client
- From: Andrew <ajb3500@xxxxxxxxxxx>
- Date: Wed, 20 Jul 2005 01:35:54 +0100
Hi All Setup : Novell 6.5 for File and Print, Primary login Windows 2k3 AD as secondary login ,all passwords synced with Novell All Client XP SP2 with SUS for updates (about 1000) GPOs at OU level
Our issue was after a recent change to a GPO, no clients would receive updated GPOs. They also hung for about 30 seconds on preparing network connections during boot. All users could login but received no profiles (mapped in user account profile tab in AD).
We backed out of the change but the GPOs wouldnt re-apply. Even domain admins could not force a policy update on the clients. Removing from domain and re-entering worked as did re-image of machine. We tried adding new GPOs, disabling the old one but to no effect.
It would appear that local file rights had changed, to the extent where Group Policy couldnt update itself on the local machine.The change made was to remove Creator Owner rights on %SystemRoot% to prevent people deleting files they had created their themselves (Users were given Read and Execute through other group membership). This was to stop people intentionally breaking an in house application by deleting a dll after it had been Zenned to the user through Novell.
In the end Psexec, cacls, visual basic and lots of coffee managed to resolve it short term but does anyone know what happened, or even how to theoretically recreate it in a lab for testing ?
Thanks .
- Follow-Ups:
- Re: Group Policy Wont update on client
- From: Matty Holland
- Re: Group Policy Wont update on client
- Prev by Date: Re: GPO won't allow reading of internet PDF's
- Next by Date: RE: Problem in auto-install using group policy
- Previous by thread: Roaming prfiles with group policy
- Next by thread: Re: Group Policy Wont update on client
- Index(es):
Relevant Pages
|
