Problems with Group Policy in Active Directory
Posted on 2003-02-20
Hello. I'm a department assistant (student) for the computer science department at California Lutheran University. We are setting up a new Windows XP image to deploy in our labs. We are currently using a Windows 2000 server as our Domain Controller.
I have been trying to work on a group policy for the lab login accounts. These accounts (called D11 and D14 named for the lab room names) have roaming profiles. In the Active Directory Users and Computers section, I have an organizational unit called "Lab Accounts" directly under the domain controller server. This OU has a group policy that I have been working on. In this OU are the D11 and D14 users. These users are part of the "Domain Users" and "CS Labs" (primary) security groups. I have set allow Read and Apply Group Policy permissions for both of these groups on the Group Policy Object.
My problem is that the group policy is not being applied when I log in to the workstation I have been working on as D11. However, the D11 account is prevented from accessing the desktop properties dialog (I did not enable this behavior in my group policy). I have never worked with active directory in this way before, so I do not know if I'm doing something wrong, but as far as I can tell I'm doing everything by the book, and it should work. I did not set up the Domain Controller server myself, that was done by someone else who I have been unable to contact, so I am unsure if there is something on the server that is causing the problem. If anyone could help me out, I would be very grateful.