• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 613
  • Last Modified:

Group policy not applying to users in OUs.

I have done some searches on this and found nothing on the site so far which answers this particular question, sorry if I missed it.

I have a newly installed AD on a 2003 enterpirse server. I have created serveral OUs in the AD and want to apply a windows firewall policy to them. Now I created the policy and it doesnt work when applied dirrectly to the OU, however if I apply the same policy to the top of the ad, domain.local container, it works fine. This does not make any sence to me. There are no other policys as I removed the default ones and yet policys set on OUs wont work but do work when set at the top of the hierarchy tree.

I might be missing something obviouse but any help would be appreciated!


1 Solution
Hi Luxtech,

when you apply the group policy, if you look in the event viewer is there any errors?

try a gpupdate /force and with a firewall policy you will need a restart
LuxtechAuthor Commented:
I have ran gpupdate and when the policy is applied to the domain.local object in AD it works. When it is applied to the OU in which the user is situated it doesnt work. Firewall policy also applys without a restart :).

I need to associate the policy with the OU not the domain object in the AD as I want different GPs on different OUs.

are you by any chance trying to apply GPO's to the Users or Compyters OU in AD?
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

LuxtechAuthor Commented:
No I have created seperate OUs which I have moved my relevant users into.
Windows Firewall settings are Computer policies. Either place the Computer objects in the same OU as the users or create a separate OU for the Computer objects and link your GPO there. If you link a GPO containing Computer policies to an OU containing only users, the policy does nothing.  

a firewall setting is for computers, your title says apply GPO to users. you cannot apply a firewall setting to users, it is a computer setting.

take another look at which section of hte GPO you made the setting change in.

Good Luck,
LuxtechAuthor Commented:
Of course. Thanks new it was something stupid :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now