Re: Help!? Policy won't inherit.
- From: Kayne <miller.nospam@xxxxxxxxx>
- Date: Fri, 31 Aug 2007 14:46:38 -0000
On Aug 31, 3:37 am, "Jorge Silva" <jorgesilva...@xxxxxxxxxxx> wrote:
Hi
Search for event log errors, Machine Configuration (like dns).http://support.microsoft.com/kb/221833
You can also use gpresult, RsOP.msc to help you with this.
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services"Kayne" <miller.nos...@xxxxxxxxx> wrote in message
news:1188528769.478947.120880@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Can someone tell me what I'm doing wrong?
I have a small active directory domain. I'm really using it as an
educational lab. It has 6 workstations and a single Windows 2003 AD
DC. All of my workstations are in the default container called
"Computers". Using AD Users and Computers I created an additional
group policy object at the domain level and placed it at the top
(above the default GPO). The *only* change I made in this new GPO is
I have set the firewall to disabled (yes, I want it disabled on my
private network). I have done this in the GPO Editor under Computer
Configuration -> Administrative Templates -> Network -> Network
Connections -> Windows Firewall -> Domain Profile -> Windows Firewall:
Protect all network connections: Disabled. (and also Standard
Profile).
I then went to station3 and logged off and back on, fully expecting to
see the firewall disabled and grayed out so that I could not re-enable
it. It was not disabled and it was still accessible by a local
machine administrator account. So I went into Local Security Policies
on the local machine and saw that the setting in question was
untouched. (i.e. still set to "not configured"), so I reboted
station3 and logged back on, same thing.
So I moved station3 from the "computer" container to the root of the
domain, relogged and rebooted, same thing. So I created an OU called
PolicyPusher, put the GPO with the firewall setting on the OU, and
moved station3 into it. Relogged, and rebooted, same thing. So I
took station3 off the domain, deleted the account, logged back on to a
local admin account, brought it back to the domain, same thing.
I haven't messed with any settings such as "Block Policy inheritance"
or any such inheritence altering settings. In fact, other than the
changes explicitely mentioned here, my domain is in a default state.
It is a true Windows 2003 (not a mixed mode) domain.
I can *not* get my policy to push down to the local machine. What am
I doing wrong?
Thank you in advance.- Hide quoted text -
- Show quoted text -
That is good information. In this particular case, the policies did
eventually seem to inherit. I expected them to inherit when I logged
off and back on, or at least when I rebooted. They did not, but when
I checked them this morning they had pulled down, and I saw exactly
what I was expecting to see on all of my machines. Can anyone tell me
when and how often domain policies replicate? Is that something that
I can configure? If so, where?
Thank you.
.
- Follow-Ups:
- Re: Help!? Policy won't inherit.
- From: Jorge Silva
- Re: Help!? Policy won't inherit.
- References:
- Help!? Policy won't inherit.
- From: Kayne
- Re: Help!? Policy won't inherit.
- From: Jorge Silva
- Help!? Policy won't inherit.
- Prev by Date: Re: Querying groups
- Next by Date: Re: LDAP user authentication error with VBScript from ASP
- Previous by thread: Re: Help!? Policy won't inherit.
- Next by thread: Re: Help!? Policy won't inherit.
- Index(es):
Relevant Pages
|
