Re: gp still tattooing!

From: Jimmy Andersson [MVP] (jimmy_NO_SPAM__at_mvps.org)
Date: 12/15/04


Date: Wed, 15 Dec 2004 15:14:22 +0100

A work-around would be to script the reghack, apply it during logon, and
reverse it with a logoff script. It's not the best solution but it should
work if it's a big issue for you.

Regards,
/Jimmy

-- 
Jimmy Andersson, Q Advice AB
Microsoft MVP - Directory Services
---------- www.qadvice.com ----------
"Piotr Majcher" <PiotrMajcher@discussions.microsoft.com> wrote in message 
news:631BD2BD-5B67-40D7-A713-C495DA72F2A9@microsoft.com...
> I still have no answer to my question :(
>
> Does anyone know how I can avoid tattooing local user profiles?
>
> Piotr Majcher
>
> "Piotr Majcher" wrote:
>
>> Thanks for answering,
>> I took a look at the website you advised me to look at and I have read
>> the article "Understanding Policy Tattooing",
>>
>> but there is no explanation of or solution to my problem.
>>
>> The "hide clock" policy is not considered GP tattooing, but in my case it
>> tattoos the local user profile. How can I deal with such a situation?
>>
>> Is the only solution to manually clean the registry?
>>
>>
>> Piotr Majcher
>>
>> "Thor Vanden Reysen" wrote:
>>
>> > hi,
>> > Here is a good link :
>> > http://www.gpoguy.com
>> > @+
>> >
>> >
>> > "Piotr Majcher" wrote:
>> >
>> > > I have remarked such a strange behaviour of policies.
>> > >
>> > > I showed the students in my IT classes the GPO and such stuff and we were
>> > > testing GP precedence. Everything worked well when we added (linked to OU)
>> > > more and more policies. The problem appears when I remove (unlink) or disable
>> > > policies (no matter if 1, 2 or all of them).
>> > >
>> > > Some of the settings ARE STILL APPLIED :(
>> > > (checked and confirmed: "hide clock", "hide IE icon on the desktop", "hide
>> > > network places on desktop"). Those settings are permanent in the user's
>> > > environment!
>> > >
>> > > I check the affected user with GPResults and it shows that no policies are
>> > > applied; however, the user still has the restrictions from the state where the
>> > > policies were working.
>> > >
>> > > I AM NOT USING roaming profiles for my users, just local, and I guess that the
>> > > policies tattooed the locally stored copy of the user profile, and when the
>> > > profile is used the restrictions are still applied.
>> > >
>> > > When the affected user logs onto another workstation (one that he had
>> > > never logged on to) he gets a new local profile and no policies are applied to
>> > > him.
>> > >
>> > > When the user logs onto a workstation and there is a copy of his profile
>> > > (which he was using when the policies were linked), the user uses his profile
>> > > and, although there are no policies now, the old shadow policies are applied
>> > > to him.
>> > >
>> > > When I delete the copy of the profile so the user gets a new one, everything
>> > > is OK.
>> > >
>> > > I DO NOT WANT to use roaming nor mandatory roaming profiles; I want to let
>> > > my users use their local profiles.
>> > >
>> > >
>> > > Do you have any idea on fixing the problem?
>> > >
>> > >
>> > > Have a good day
>> > > Piotr Majcher

