GPO Applied inconsistantly

We have users logging into a new 2003 domain in which we've created a few GPOs that should apply to both users and computers.  In particular, there is a Folder Redirection GPO for My Documents and a Login Script GPO which maps network drives and printers which are being applied twice to each user.  
Running GPRESULT shows:
   The user received "Folder Redirection" settings from these GPOs:
      Folder Redirection
      Folder Redirection
   ====================================================
   The user received "Scripts" settings from these GPOs:
      Printer Connections
      Map Network Drives
      Printer Connections
      Map Network Drives

The Folder Redirection and Map Network Drives GPOs are linked to the Domain since everyone, regardless of OU, should get them.  The Printer Connections GPO is linked to the site.  I've checked to see if they are linked elsewhere as well, but they are not.

Any ideas as to why all of the GPOs for the  would apply twice?
acksisAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

crissandCommented:
Use gpmc from microsoft site to see the result set of policy. The policy is applied both to computers and to users and that's useless, because folder redirection and map network drives are usually user related.

I know that the folder redirection can be applied to computers too, but not the same as for users (usually, one apply folder redirection for users when one want to use %USERNAME% environment variable). If folder redirection doesn't use user related information, it must be applied on computers only.

The same consideration for scripts, the administrator must establish exactly where to apply it, it's useless to apply the same policy to users and computers.
0
acksisAuthor Commented:
The Folder Redirection and Map Network Drives GPOs are only applied to the Users.

RSoP shows that both of those are Denied GPOs for the Computer Configuration Summary.  The Printer Connections GPO is applied at both the User and Computer because we're usin Loopback Processing in Merge Mode to force any user at a particular site to receive only local printers.

Under User Configuration Summary/Applied GPOs is the following:
   Printer Connections
   Map Network Drives
   Folder Redirection
   Default Domain Policy
   Printer Connections
   Map Network Drives
   Folder Redirection
   Default Domain Policy

As you can see, these GPOs are applying twice.
 
   "The policy is applied both to computers and to users and that's useless..."

   "The same consideration for scripts, the administrator must establish exactly where to apply it,
     it's useless to apply the same policy to users and computers."

The GPOs are to apply to every user in the Domain.  And, like I said earlier, Folder Redirection and Map Network Drives are denied on the computer and applied on the user.

If I'm missing your point, please clarify.


0
crissandCommented:
Please use gpmc from Microsoft to see the resultant set of policy applied. Download from here, install and run:

http://www.microsoft.com/downloads/details.aspx?FamilyId=0A6D4C24-8CBD-4B35-9272-DD3CBFC81887&displaylang=en

0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

acksisAuthor Commented:
GPMC was already installed - that's where I got the RSoP that I referenced in my second post.
It says that the user settings are applied twice and the computer settings once.

I've also used the command line tool "gpresult.exe" which, when run on the client machine, says the exact same thing (see the first post).
0
Debsyl99Commented:
Hi
Could this be why you're getting it twice?
"The Printer Connections GPO is applied at both the User and Computer because we're using Loopback Processing in Merge Mode to force any user at a particular site to receive only local printers"
If you're using it in the user config and it's also applying via a set loopback, then it will apply again to all users logging on to that PC or pc's or servers covered by the loopback policy,

Or did I miss a point somewhere? (which is ENTIRELY possible after the week I've had ;-))

Deb :))
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Debsyl99Commented:
I didn't miss the point then - my brain is still happily intact!
Glad to help,
Deb :))
0
acksisAuthor Commented:
That was it - we deleted the Printer Connections link to the site and booted up a user and everything ran as it should.  Thanks.  We'll just have to write a script for the users that will identifiy their site and attach printers accordingly.

Again, thanks for that.  My brain was beginning to hurt!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.