RE: gp still tatooing!

From: Thor Vanden Reysen (tvanden007_at_netscape.net)
Date: 12/09/04 

Date: Wed, 8 Dec 2004 21:21:02 -0800

hi,
Here is a good link :
http://www.gpoguy.com
@+

"Piotr Majcher" wrote:

> I have remarked such a strange behaviour of policies
>
> I showed the students on my IT classess the GPO and such stuff and we were
> testing GP precedence. everything worked well when we added (linked to OU)
> more and more policies. the problem appears when i remove (unlink) or disable
> policies ( no matter if 1, 2 or all of them)
>
> some of the settings ARE STILL APPLIED :(
> (checked and confirmed: "hide clock" , "hide IE icon on the deskktop", "hide
> network places on desktop") those settings are permament in the user's
> environment!
>
> i check affected user with GPResults and it showes than no policies are
> applied however the user still has the restrictions from the state where the
> policies were working
>
> I AM NOT USING roaming prfiles for my users just local and I guess that the
> policies tatooed locally stored locopy of user profile and when the profile
> is used the restrictions are still applied.
>
> when the affected user logs onto another workstation (the one that he had
> never log on to) he gets a new local profile and no policies are applied to
> him.
>
> when the user logs onto a workstation and there is a copy of his profile
> (which was using when the policies were linked) the user uses its profile and
> despite there are no policies now he is being applied the old shadow policies
>
> when i delete the copy of the profile so the user gets a new one, everything
> is ok
>
> I DO NOT WANT to use roaming nor mandatory roaming profiles, I want to let
> my users use their local profiles
>
>
> Do You have any idea on fixing the problem?
>
>
> Have a good day
> Piotr Majcher
>
>
>

Relevant Pages

  • Re: Local Policies with Roaming Profiles - Security ID Prob
    ... are only local policies, they should be stored in the Group Policies ... when a second computer tries overwrite the copy of the profile, ... I'm guessing that other computers won't then recognise that SID ...
    (microsoft.public.win2000.security)
  • Re: Roaming Profiles & VPN
    ... "Mark Dormer" wrote in message ... > There are policies for not downloading profiles on slow connections. ... >> For a VPN to log on quicker, a local profile is best. ...
    (microsoft.public.windowsxp.network_web)
  • RE: gp still tatooing!
    ... the article "Understanding Policy Tattooing" ... >> i check affected user with GPResults and it showes than no policies are ... >> policies tatooed locally stored locopy of user profile and when the profile ... >> never log on to) he gets a new local profile and no policies are applied to ...
    (microsoft.public.windows.server.active_directory)
  • Re: gp still tatooing!
    ... "Piotr Majcher" wrote in message ... > does anyone know how can I avoid tattooing local user profiles? ... >>>> i check affected user with GPResults and it showes than no policies ... >>>> policies tatooed locally stored locopy of user profile and when the ...
    (microsoft.public.windows.server.active_directory)
  • Folder redirection and Terminal Services profiles
    ... policies, ... use Terminal Services to access a Winframe server, ... Directory that allows you to specify a Terminal Services profile, ... that policy when logging on to their own PC, but not the Winframe ...
    (microsoft.public.win2000.group_policy)