RE: Group Policy only works if user is member of local admin group
- From: bhartung <bhartung@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 17 Mar 2006 12:40:26 -0800
I checked the event logs and found nothing out of the ordinary in them. I
also ran group policy, selecting both the user and PC. The correct settings
showed up in the resulting report.
Is there any possibiity that our domain controller running without SP1 and
and all our other Win2k3 servers have SP1 installed create any issues? I
suppose that's something that can only be answered by applying SP1.
I'll have to play aournd a bit with your other suggestion about debug logging.
Thanks.
--
Bob Hartung, Dir of I.T.
Wisco Industries, Inc.
Oregon, WI 53575
"Brian Delaney" wrote:
Are there any errors on the clients in the Application Event log when running.
gpupdate /force and the policies are not applying?
If you run rsop.msc as a user when the policies are not applying, is there a
red x on the user settings? If right click go to properties and error
information. What is the error?
Userenv debug logging may also help in troubleshooting the problem:
http://support.microsoft.com/kb/221833/en-us
Brian Delaney
"bhartung" wrote:
Within the last 6 months, I've been converting from a Netware NDS network to
a MS Windows 2003 Active Directory as our primary network. I've worked
through the file/directory rights issues and things are running pretty
smooth. One that's not working so smoothly is Group Policy.
I have several user groups that I want to enforce some fairly simple
policies on. For instance, on a group of PCs on our manufacturing floor, I
want to enforce the classic desktop and prevent changing the background.
Things like that. I created an organizational unit (OU), placed the users I
want to control in it and then created a group policy and associated it with
the OU.
The PCs these users are logging on to are Dell PCs with Windows XP Pro SP2.
They have all been successfully joined to our single domain.
When I test for these policies on the Dell PCs, none of them are enforced.
Even if I shell out and run "gpupdate /force" on both the domain controller
and pc and relogin and still no policies.
I have loaded the group policy snap-in on the Dell PCs and checked the local
group policies and nothing is conifigured.
Now here's an odd thing I discovered. If the user I'm logging in as is not a
member of the local admin group, the policies do not apply. If I add that
user to the local admin group, the policies can apply.
I'm the only one who has created any new policies and I've never made any
changes to the default domain policies
I'm stumped. I'd be grateful for any advice on what might be preventing
application of polices.
Bob Hartung, Dir of I.T.
Wisco Industries, Inc.
Oregon, WI 53575
- Prev by Date: Re: Problems with XP SP2
- Next by Date: Re: 2003 to nt4.0 trust
- Previous by thread: 'Managed By' tab
- Next by thread: RE: Exchange 2003 server problems after login.
- Index(es):
Relevant Pages
|
