Administrator can't make changes to Group Policy Object
Posted on 2005-05-12
all of the sudden? (haven't had the need to try in the past couple weeks) when i log on as administrator, i cannot make changes to Group Policy Objects
I am logged in as Administrator, the Administrator is a member of Domain Admins and a member of Enterprise Admins.
When i check the security settings of the GPOs, they seem fine - Domain Admins and Enterprise Admins have Read/Write access on the GPOs
When i try to make changes to a GPO in the Domain Controller OU it tells me access denied.
Here's where it gets really strange:
I have an OU called 'MyCompany Computers' and when i try to change the GPO in there it sometimes works and sometimes i get the access denied error. I can literally open the OU and then the GPO, make a change and apply it and close the OU properties window, go back into it and try to make another change and get the access denied message. Then i close it, open it and sometimes i can change it again, sometimes not.
This is very troubling.
THis is a production machine so i really want to avoid resetting all the security settings back to the default.
Is there something i am missing or another solution out there?