Re: Group Policy Loopback Not Applying
- From: Thomas <Thomas@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 11 Feb 2009 18:16:02 -0800
Ace,
I've done some more work and found that all comptuer based GPOs are not
applying after doing a sysprep and rejoining the domain. Even with a
different computer name. The even stranger things is that it appears to be
just in this particular OU. If I move the computer to a different OU,
computer policies apply just fine.
The only thing I can think of is that the particular OU that the loopback
policy is applied to is set to block policy inheritance from the parent OU.
This is also generating some weird results when running a "gpresult" on the
computer in question. Under the Computer Settings area, there is a section
called: "The following GPOs were not applied because they were filtered out".
It appears as though any other computer based GPOs are filtered because of
an "unknown reason" and the group policy with the loopback is listed, but not
under the filtered area. I wish I could attach a screen shot, it would be
much clearer to explain with a picture. I hope this makes sense and might
help trigger an idea of how to solve this mystery.
Thanks again!
Thomas
"Ace Fekay [Microsoft Certified Trainer]" wrote:
In news:0C2E68C3-8189-4056-8816-E565BD0AB2D6@xxxxxxxxxxxxx,.
Thomas <Thomas@xxxxxxxxxxxxxxxxxxxxxxxxx>, posted the following:
Thank you Ace and Meinolf for your quick response.
The computer account in question was definitely located in the
correct OU. In fact I tested the OU membership/policies by moving
another computer into that OU and found the loopback policy worked as
designed.
I ran a RSOP from the GPMC and it processed without any errors. I
also checked in the result of the RSOP and found the user policies
that are supposed to be applied from the computer loopback policy
were applied successfully.
In addition, I took the advice of Meinolf, and removed the problem
computer from the domain, then deleted the computer accounts. Forced
a sync with our two Windown 2003 domain controllers. At this time I
figured I would run sysprep again (to generate new SIDs). I copied
the latest sysprep files (which I downloaded from:
http://www.microsoft.com/DOWNLOADS/details.aspx?familyid=673A1019-8E3E-4BE0-AC31-70DD21B5AFA7&displaylang=en)
to the local drive in "C:\sysprep" folder. I ran sysprep, took an
image (in case it worked), and brought the computer back up, joined
the domain, placed the computer in the correct OU, restarted, forced
gpupdate, restarted. Still nothing.
The weird thing is that the user and computer GPOs are applying. In
fact, the computer is receiving GP from the "PD Laptop User Policy -
Computer" which is where the loopback is turned on. For whatever
reason, the user portion of that GPO is not looping back to the user
settings on this particular computer.
This computer was working just fine with the loopback policy before I
ran sysprep.
Any other ideas?
Thanks again for your time, it is most appreciated!
Thomas
Actually it has got me stumped, because this just works, well, normally in
all cases that I've used. Therefore, I haven;t seen this problem at all. May
there be something in a batch file running making a change, a security
setting being applied, etc?
Ace
- References:
- Group Policy Loopback Not Applying
- From: Thomas
- Re: Group Policy Loopback Not Applying
- From: Meinolf Weber [MVP-DS]
- Re: Group Policy Loopback Not Applying
- From: Thomas
- Re: Group Policy Loopback Not Applying
- From: Ace Fekay [Microsoft Certified Trainer]
- Group Policy Loopback Not Applying
- Prev by Date: Re: Disk Quotas
- Next by Date: Re: Group Policy Loopback Not Applying
- Previous by thread: Re: Group Policy Loopback Not Applying
- Next by thread: Re: Group Policy Loopback Not Applying
- Index(es):
Relevant Pages
|
