I created a restricted group today for administrators. I added administrator, domain admin and another group called desktop admins that exist in active directory.
I see that no computers have the policy in effect yet. Its more than 8 hours since i configured the policy....
Also the first time i tried this, i was editing an exisitng gpo (BIG BIG MISTAKE) and i think because of that some machines have lost domain admins from the local admin group. I cant exactly figure out how that happened but i can see that the policy is not taking effect coz my other computers DO NOT show desktop admins group in local admin...
Anybody has any ideas ???
I have already done gpupdate /force, restarted the machine and still no luck. I verifed and verified again that gpo is assigned to ou comtaining computers.