Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3549
  • Last Modified:

Group policy propagation to Client PCs

Hi guys,

How can i propagate an GPO to clients in my domain?
I do not want to wait until a client PC restarts or GPO refresh time comes.

I know we can use Secedit or Gpupdate at the clients.

I am using 2K as my DC, and my clients ate 2K and XP.

Thanks
0
cakirfatih
Asked:
cakirfatih
  • 5
  • 3
1 Solution
 
Yan_westCommented:
Microsoft knowledge base 227448
Using Secedit.exe to Force Group Policy to Be Applied Again
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/q227/4/48.asp&NoWebContent=1

on XP:

forcing group policy updates to the computer is:
gpupdate /target:machine

forcing group policy updates to the user is:
gpupdate /target:user


To Learn if group policies were applied:
Windows 2000:

Download GPRESULT from the Resource Kit or from Microsoft.
From the command line type GPRESULT to determine what policies have been applied.

Windows XP:
From the command line type GPRESULT to determine what policies have been applied.
-OR-
For a graphical version click Start, Run and type: hcp://system/sysinfo/RSoP.htm


0
 
Yan_westCommented:
Another interesting microsoft KB
Troubleshooting Group Policy Application Problems
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q250842
0
 
cakirfatihAuthor Commented:
how do you force group policy updates to the 2K computers?  The instructions you gave do not work for the 2K machines.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Yan_westCommented:
Like I said on the 1st like I gave:

secedit (XP & 2000)
Use this utility to manually apply computer and user policy from your windows 2000 (or newer) domain.  Example to update the machine policy: secedit /refreshpolicy machine_policy /enforce
To view help on this, just type secedit.
NOTE: In Windows XP this command is superceded by: gpupdate /force

It works on windows 2000, I use it all the time.
0
 
cakirfatihAuthor Commented:
Ok, I failed to mention I also have a Win 2003 server domain controller and neither the XP nor the 2000 instructions you gave worked.  

If I use gpupdate /force, I must reboot the clients individually to get the policy immediately updated on the 2000 machines.  It updates instantaneously on the XP machines, but NOT the 2000 machines.

The secedit command (when I try it on the 2003 server machine) says the following error:

C:\Documents and Settings\Admin>secedit /refreshpolicy machine_policy /enforce

The syntax of this command is:

secedit [/configure | /analyze | /import | /export | /validate | /generaterollback]

Do you have any information for windows 2003 server and 2K clients?

Thanks.
0
 
Yan_westCommented:
On the 2003 Server, you have to use Gpupdate then..

here is the link for 2003.. Think you may have to log off the user too, not sure, never used it on 2003 server..

http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/windowsserv/2003/standard/proddocs/en-us/refrGP.asp
0
 
Yan_westCommented:
0
 
cakirfatihAuthor Commented:
Well, like I said before, I know how to use GPUPDATE.   The problem is that it does not cause the client to immediately update unless you reboot the computers or wait until the refresh time occurs that is set in group policy.  (unless you go to each client and refresh on the client).   I am assuming that what I am asking for is impossible for 2K clients, unless I go to the individual machines and run secedit on the clients and/or reboot.





0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now