tjparker
asked on
Server Group Policy
I have 2 new windows 2000 machines that are part of a classroom of computers which are connected to a windows 2000 server environment. These 2 computers will not pick up the group policy from the windows 2000 server. They are in the same group as my other windows 2000 computers that are picking up the policy. If anyone could point me in the right direction I would really appreciate it.
Thanks!
Thanks!
This might be due to incorrect DNS settings. On your DC/DNS, and on all of your domain members, make sure the DC's address *only* is listed in the TCP/IP properties (be that via DHCP or static). That makes sure your internal lookups work correctly.
For internet access, delete the root zone (if present; it's the single dot: ".") on your DNS in your forward lookup zones. Then open the properties page of your DNS server and configure forwarders to point to your ISP's DNS (or whatever DNS you're using for lookups outside your AD domain). The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382
Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036
HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341
HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202
Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371
For internet access, delete the root zone (if present; it's the single dot: ".") on your DNS in your forward lookup zones. Then open the properties page of your DNS server and configure forwarders to point to your ISP's DNS (or whatever DNS you're using for lookups outside your AD domain). The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382
Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036
HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341
HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202
Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371
ASKER
These two machines are part of my windows 2000 ou of a particular class. The other machines in this OU are picking up the policy without any problems. We use DHCP and I went ahead and put in the DNS addresses on each of the machines and the policy is still not working for these two machines. I check the block policy inheritance and it was not checked. I feel like I am looking for a needle in a hay stack.
Hi,
Go to the specified machines and do a gpupdate /force on them and the reboot the machines. This will do a forced update on the Policy...
Go to the specified machines and do a gpupdate /force on them and the reboot the machines. This will do a forced update on the Policy...
ASKER
I tried the gpupdate /force command and windows 2000 did not recognize this command.
In Windows 2000, the command is
secedit /refreshpolicy machine_policy /enforce
for the computer settings, and
secedit /refreshpolicy user_policy /enforce
for the user settings.
Which policies aren't applied? The computer settings, the user settings, or neither?
secedit /refreshpolicy machine_policy /enforce
for the computer settings, and
secedit /refreshpolicy user_policy /enforce
for the user settings.
Which policies aren't applied? The computer settings, the user settings, or neither?
ASKER
neither
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Are these machines part of the domain?? Are you able to see them in AD Users and Computers?? In which OU are they?? Are you sure there is no block Policy Inheritance enabled??