AD, policy does not apply...

Ensure The group policy is applied  either to the Root of AD or the OU where the users/machines reside.

Right click either the policy or the level at which the policy was applied and select the security tab. Ensure "Apply Group Policy" is ticked.

Press Start > Run > SECEDIT /REFRESHPOLICY MACHINE_POLICY /ENFORCE  (see note below)

Press Start > Run > SECEDIT /REFRESHPOLICY USER_POLICY /ENFORCE (see note below)

Policy not being enforced Try http://support.microsoft.com/default.aspx?scid=kb;en-us;254174

Policy not applying to users try
http://support.microsoft.com/default.aspx?scid=kb;EN-US;263693

Still no Joy! Try the official Microsoft Troubleshooting guide http://www.microsoft.com/windows2000/techinfo/howitworks/management/gptshoot.asp

*****NOTE*****

SECEDIT has been replaced in windows XP and Server 2003 with gpupdate (for syntax see below)
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/refrgp.mspx

Hi Pete.
The links you provided does not apply.. there is an extremely simple architecture of this site so no possibilities for problems with that.
I suspect that this is a flaw with AD in general on the W2K platform as i have experienced the same on several sites..

Do you think that running SECEDIT in the startupscript will force the policy anyway? I havent explored that and dont know if it has any effect as long as the policy is not effectively applied automatically...

>>Do you think that running SECEDIT

Unsure, Ive never personally had to do this, as far as Im aware this would happen by default anyway? How big are the folders? just wondering? if they were VERY big the client might be struggling to pul them over the network?

Pete
www.petenetlive.com

Are you using MS Word for your Docs..??   In smaller firms, I manually configure the default location within Word to push docs to a file server...  You can do this with most MS Office applications such as Excel, etc...

Open Word > Tools > Options > File Locations tab...  then modify the default location...

This is not the best way for organizations larger than say 50 clients, but it may work in your case..

FE

Pete, The folders are in general about 5 Mb. So i dont think that should be a problem. No other problems with the network performance at all...
Its typical that it works for some users, then not for others.. and its not any differences that i can find in computer setup and so on..

Ill try out the SECEDIT in script, and let y`all know how it goes..

Fatal, To do this at each PC is no option.. Its all going to be set up and controlled remotely with no support personell on site. Way to much work..
 ;-) (got others tings to not do..)

>>;-) (got others tings to not do..)

Man, I know that feeling

**Afternoon Bill**

I know that AD is designed for you to set home drives on the user object, but have you tried ececuting a LOCAL login script for an offending user? with a good ole net use statement? then at least you can eliminate the client PC?

Pete

Yea..  like I mentioned, I only do this in the smaller domains..  and I also know that feeling..  :)

Actually, I like the RSOP tool myself...   XP also comes with this and it can be run from the Start > Run > rsop.msc (OK)...   It is not native to W2K Pro though...

FE

rrhowson, thanx.. didnt know of that tool... does it run under W2K to? and the same for RSOP Fatal..?!

Seems like all settings are applied correctly, but i will try this on a usermachine on next failure.. Thnx..

The settings are set on top level in the domain, the only OU that has otherwise is the IT support staff OU witch has no override and works perfect!

Are your client machines Windows XP, I have ran into occasions were XP machines will simulate network connections, before actually applying group policy in order to speed up logon.  Possibly a logon script with gpupdate /force will help you.

Suggest you grab this Doc from MS on Troubleshooting Group Policy..  It covers gpresult.exe, gpotool.exe, ReplMon.exe and other items that you may find worth the read...

Troubleshooting Group Policy in Windows 2000

http://www.microsoft.com/windows2000/techinfo/howitworks/management/gptshoot.asp

Found another TS link from Technet..  Note the following when dealing with SlowLink connections:

Be careful when applying Group Policies over slow WAN links. Remember that the order of settings that are applied is not equal for every component. For example:

• Registry and Security settings are always applied.
 
• EFS and IP Security Settings are applied by default.
 
• Application Deployment, Scripts, Folder Redirection, and Disk Quotas are Not applied by default over slow links.
 
http://www.microsoft.com/technet/community/columns/profwin/pw0502.mspx

jon godwin, no my clients run W2K.

Thanx Fatal, ill look at the links you gave, i got an idea on the slow wan link thingey, wonder if the five machines i`ve seen this on maybe is on a failing HUB.. I`m going to set up an extensive NW monitoring tomorrow and check if this happends on many simultaneous logins or something..

Gpresult I first saw in the W2K Reskit. It is native to XP. Never knoew about RSOP.msc, so thanks Fatal Exception.

Gpresult is great, but it almost give too much information

If you have XP running on your network, I suggest you look into downloading the GPMC..  This is a wonderful tool that MS decided to give us to use, but can only be run on W2K3 or XP...   It has really brought together the ADUC and GPO interface into one very nice GUI...   But even though it must be installed on XP, it can be used to manage GPO's on a W2K server..   :)

Group Policy Management Console with Service Pack 1

http://www.microsoft.com/downloads/details.aspx?FamilyId=C355B04F-50CE-42C7-A401-30BE1EF647EA&displaylang=en

Administering Group Policy with the GPMC

http://www.microsoft.com/windowsserver2003/gpmc/gpmcwp.mspx

Hmm.. lots of good stuff..!
Even though we are thinking of XP clients we are not there yet.. We have W2K servers and workstations.

Fatal and rhowson, i havent got my solution yet, but your efforts is a good step in the right direction.
So thanx! Ill award you the points..

Wish we could have nailed it, but thanks..

FE

I`ll post back if i get to the core of it! Promise...

Btw, the problem is a little on and of now after a switch was exchanged.. Might be a slow networklink thingey...

:)  Luck to you..!!

Thnx!

Bill you joining in? https://www.experts-exchange.com/questions/21001652/The-League-of-Extraordinary-Experts.html

I have this same exact problem on my network running AD Windows 2000 Servers and both Windows 2000 and Windows XP clients.  Most computers have no problem getting the policy and applying the folder redirect.  However, you could be sitting next to a applied GPO computer, login, and the policy will not be applied, yet you try again later on that same computer and the redirection may work, vise versa, and any variation thereof……..  

There is no pattern between OSs, computers, rooms, etc....  The users reside in an OU with the applied policy with no existing hierarchical policies.   I’ve utilized the folder redirection policy processing and the tools mentioned above, yet I cannot find a cause to this sporadic issue.  I've never experienced anything quite like this, but after reading this I know I'm not the only one!

Hmm.. Strange isnt`t it??!!
I got around by puting a secedit command in the startupscript.. But that causes XP to run a infodialog about the fact that XP dont use secedit but gpedit.. lol!!

Interesting fix Matt...  Want to share that secedit command..??   (I know, I am lazy..  :)

Sure:
secedit /refreshpolicy machine_policy /enforce
secedit /refreshpolicy user_policy /enforce

I believe its the same for XP with gpupdate instead of secedit...

*grin*  I recognize that command..!!   Now I see what you are doing..  Thanks...

:-) LOL! And you know what... its friday!

so refreshing the policy running a startup script works for you?

Yup...

Interesing......

There has to be a logical excuse for this mess!  Nonetheless, I'm going to utilize this script.  Great feedback guys, thanks!

This is the EE is supposed to work...   :)

Fatal:
"This is the EE it ts supposed to work", or "This is EE, i`m supposed to work" ???

:-)

This is the WAY EE is supposed to work..!!   LOL, eh.. that four letter word..!!

And you know, if we got points on grammer, I would be lucky if I broke 100....  :)

My fingers dont seem to be able to process the commands sent to them either :( must be a techhy thing

LOL!

I have found that on the computers that randomly fail to apply the GPO, they get one of the following error in the Application Event Log (Windows XP):

Event ID: 1085
The Group Policy client-side extension Scripts failed to execute. Please look for any errors reported earlier by that extension.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

I've checked EventID.net, Microsoft Knowledge Base, but none of their solutions apply to the problem I'm having with Group Policies...........

Any ideas?

rg..  you really need to open another thread for you question...  that way you will get the help you need...

FE

Make sure the File Replication Service is not in an error state....