bjettinger
asked on
GPO Being Filtered Out
I have created a newly linked GPO to one of my OU's in Active Directory. All the GPO's that are linked to this OU are being applied except this newly linked GPO which "was not applied because it was filtered out" at the PC. The GPO being filtered is only disabling the timeout for the screen saver in the User Configuration section of the GPO.
I guess not but have you put any WMI filtering on this to restrict? Hav you looked using gpresult.exe /z or /v . can you post any results please.
I presume you will get something like this:
The following GPOs were not applied because they were filtered out
-------------------------- ---------- ---------- ---------- ---------- -
xxxxx
Filtering: Disabled (GPO)
The following GPOs were not applied because they were filtered out
--------------------------
xxxxx
Filtering: Disabled (GPO)
ASKER
That is correct. The following GPO's were not applied because they were filtered out.
And what else does it then say when you run gpresult with verbose options /v or /z?
you havent got any other policies above with no over ride permissions?
are you applying the policy to a computer OU?? I did this before and received the same error.
Also, check the security tab on the GPO and make sure the correct permissions are configured for users.
you should use the gpresult as dragon-it has suggested and post the results......this will help.
Also, check the security tab on the GPO and make sure the correct permissions are configured for users.
you should use the gpresult as dragon-it has suggested and post the results......this will help.
You're not alone in this policy inheritance conflict stuff.
Microsoft now has a great snap-in: RSoP (Resultant Set of Policy): http://support.microsoft.com/default.aspx?scid=kb;en-us;323276
It has an very user-friendly GUI to help diagnose policy inheritance.
Microsoft now has a great snap-in: RSoP (Resultant Set of Policy): http://support.microsoft.com/default.aspx?scid=kb;en-us;323276
It has an very user-friendly GUI to help diagnose policy inheritance.
Please post the section under this: The following GPOs were not applied because they were filtered out
What I need to see is this (although yours may be different):
Filtering: Disabled (GPO)
What I need to see is this (although yours may be different):
Filtering: Disabled (GPO)
As requested 10 mins after the Q was logged...
I realize that.
ASKER
The following is the Gpresult /v
Applied Group Policy Objects
-------------------------- ---
General Watson Workstations SUS Update GPO V1.0
Default Domain Policy V1.4
The following GPOs were not applied because they were filtered out
-------------------------- ---------- ---------- ---------- ---------- -
Special Function US NY Carmel Empower Workstation GPO V1.1
Filtering: Not Applied (Empty)
Local Group Policy
Filtering: Not Applied (Empty)
The computer is a part of the following security groups:
-------------------------- ---------- ---------- ----------
BUILTIN\Administrators
Everyone
Debugger Users
BUILTIN\Users
USNYDSK0299$
Domain Computers
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
Resultant Set Of Policies for Computer:
-------------------------- ---------- ----
Software Installations
----------------------
N/A
Startup Scripts
---------------
N/A
Shutdown Scripts
----------------
N/A
Account Policies
----------------
GPO: Default Domain Policy V1.4
Policy: MinimumPasswordAge
Computer Setting: 2
GPO: Default Domain Policy V1.4
Policy: PasswordHistorySize
Computer Setting: 24
GPO: Default Domain Policy V1.4
Policy: LockoutDuration
Computer Setting: 4294967295
GPO: Default Domain Policy V1.4
Policy: ResetLockoutCount
Computer Setting: 30
GPO: Default Domain Policy V1.4
Policy: MinimumPasswordLength
Computer Setting: 8
GPO: Default Domain Policy V1.4
Policy: LockoutBadCount
Computer Setting: 6
GPO: Default Domain Policy V1.4
Policy: MaximumPasswordAge
Computer Setting: 90
Audit Policy
------------
N/A
User Rights
-----------
GPO: Default Domain Policy V1.4
Policy: SystemtimePrivilege
Computer Setting: Administrators
Security Options
----------------
GPO: Default Domain Policy V1.4
Policy: RequireLogonToChangePasswo rd
Computer Setting: Not Enabled
GPO: Default Domain Policy V1.4
Policy: PasswordComplexity
Computer Setting: Enabled
GPO: Default Domain Policy V1.4
Policy: ForceLogoffWhenHourExpire
Computer Setting: Enabled
GPO: Default Domain Policy V1.4
Policy: ClearTextPassword
Computer Setting: Not Enabled
Event Log Settings
------------------
N/A
Restricted Groups
-----------------
N/A
System Services
---------------
N/A
Registry Settings
-----------------
N/A
File System Settings
--------------------
N/A
Public Key Policies
-------------------
N/A
Administrative Templates
------------------------
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ WindowsUpd ate\AU
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ WindowsUpd ate
State: Enabled
GPO: Default Domain Policy V1.4
Setting: Software\Policies\Microsof t\Windows\ CurrentVer sion\Inte
t Settings\ZoneMapKey
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ WindowsUpd ate\AU
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ CurrentVer sion\Inte
t Settings\ZoneMapKey
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ WindowsUpd ate\AU
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ WindowsUpd ate\AU
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ WindowsUpd ate\AU
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ WindowsUpd ate
State: Enabled
GPO: Default Domain Policy V1.4
Setting: Software\Policies\Microsof t\Windows\ CurrentVer sion\Inte
t Settings\ZoneMapKey
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ CurrentVer sion\Inte
t Settings
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ WindowsUpd ate\AU
State: Enabled
GPO: Default Domain Policy V1.4
Setting: Software\Policies\Microsof t\Windows\ CurrentVer sion\Inte
t Settings\ZoneMapKey
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows\ WindowsUpd ate\AU
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof t\Windows NT\SystemRestore
State: Enabled
R SETTINGS
-----------
CN=Bill Ettinger (Administrative Account),OU=Administrative Accounts,OU=Admi
tration,DC=na,DC=watson,DC =com
Last time Group Policy was applied: 7/24/2006 at 11:07:48 AM
Group Policy was applied from: usnysrv0013.na.watson.com
Group Policy slow link threshold: 500 kbps
Applied Group Policy Objects
-------------------------- ---
Default Domain Policy V1.4
The following GPOs were not applied because they were filtered out
-------------------------- ---------- ---------- ---------- ---------- -
Local Group Policy
Filtering: Not Applied (Empty)
The user is a part of the following security groups:
-------------------------- ---------- ---------- ------
Domain Users
Everyone
BUILTIN\Power Users
BUILTIN\Users
BUILTIN\Administrators
DP-Ccat-001-R
AP-Citrix-004-Admin
AP-Citrix-003-Admin
DP-MRPIISupply-001-R
OP-IDs-001-R
DP-Watsonprodu-001-R
DP-LocAdmin-001-R
DP-SAPEndUser-001-R
PP-Audit-001-R
AP-Websens-001-GUser
DP-SupAudits-001-R
PP-ECR-001-C
Dp-SLCtraining-001-R
DP-GPOBackup-001-C
DP-IS-001-C
DP-MRPII-001-R
DP-changedecis-001-R
Citrix XP Admins
DP-SAPUAT-001-R
DP-ProjectExch-001-C
PP-Change-001-R
PP-CFG-002-C
!usnysrv0004
OP-AppsInst-001-Admin
DP-csgroups-001-C
DP-Steris-001-C
Domain Admins
PP-HUD-001-R
DP-Templates-001-R
DP-ITProjectRe-001-R
DP-MiamiTrans-001-R
!wks-Workstation-001
!uscasrt0003
AP-Argent-001-Admin
DP-ITinfrastru-001-R
DP-NewSAPAccou-001-R
PP-Chuck-001-R
DP-SDLCandPMM-001-R
AP-Altiris-001-GOP
OP-Wireless-001-User
PP-Auditdoc-001-R
OP-AppsInst-001-Admin-Loca l
DP-GPOBackup-001-C-Local
LOCAL
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
Resultant Set Of Policies for User:
-------------------------- ----------
Software Installations
----------------------
N/A
Public Key Policies
-------------------
N/A
Administrative Templates
------------------------
N/A
Folder Redirection
------------------
N/A
Internet Explorer Browser User Interface
-------------------------- ---------- ----
N/A
Internet Explorer Connection
-------------------------- --
N/A
Internet Explorer URLs
----------------------
N/A
Internet Explorer Security
--------------------------
N/A
Internet Explorer Programs
--------------------------
N/A
>
Applied Group Policy Objects
--------------------------
General Watson Workstations SUS Update GPO V1.0
Default Domain Policy V1.4
The following GPOs were not applied because they were filtered out
--------------------------
Special Function US NY Carmel Empower Workstation GPO V1.1
Filtering: Not Applied (Empty)
Local Group Policy
Filtering: Not Applied (Empty)
The computer is a part of the following security groups:
--------------------------
BUILTIN\Administrators
Everyone
Debugger Users
BUILTIN\Users
USNYDSK0299$
Domain Computers
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
Resultant Set Of Policies for Computer:
--------------------------
Software Installations
----------------------
N/A
Startup Scripts
---------------
N/A
Shutdown Scripts
----------------
N/A
Account Policies
----------------
GPO: Default Domain Policy V1.4
Policy: MinimumPasswordAge
Computer Setting: 2
GPO: Default Domain Policy V1.4
Policy: PasswordHistorySize
Computer Setting: 24
GPO: Default Domain Policy V1.4
Policy: LockoutDuration
Computer Setting: 4294967295
GPO: Default Domain Policy V1.4
Policy: ResetLockoutCount
Computer Setting: 30
GPO: Default Domain Policy V1.4
Policy: MinimumPasswordLength
Computer Setting: 8
GPO: Default Domain Policy V1.4
Policy: LockoutBadCount
Computer Setting: 6
GPO: Default Domain Policy V1.4
Policy: MaximumPasswordAge
Computer Setting: 90
Audit Policy
------------
N/A
User Rights
-----------
GPO: Default Domain Policy V1.4
Policy: SystemtimePrivilege
Computer Setting: Administrators
Security Options
----------------
GPO: Default Domain Policy V1.4
Policy: RequireLogonToChangePasswo
Computer Setting: Not Enabled
GPO: Default Domain Policy V1.4
Policy: PasswordComplexity
Computer Setting: Enabled
GPO: Default Domain Policy V1.4
Policy: ForceLogoffWhenHourExpire
Computer Setting: Enabled
GPO: Default Domain Policy V1.4
Policy: ClearTextPassword
Computer Setting: Not Enabled
Event Log Settings
------------------
N/A
Restricted Groups
-----------------
N/A
System Services
---------------
N/A
Registry Settings
-----------------
N/A
File System Settings
--------------------
N/A
Public Key Policies
-------------------
N/A
Administrative Templates
------------------------
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
GPO: Default Domain Policy V1.4
Setting: Software\Policies\Microsof
t Settings\ZoneMapKey
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
t Settings\ZoneMapKey
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
GPO: Default Domain Policy V1.4
Setting: Software\Policies\Microsof
t Settings\ZoneMapKey
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
t Settings
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
GPO: Default Domain Policy V1.4
Setting: Software\Policies\Microsof
t Settings\ZoneMapKey
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
GPO: General Watson Workstations SUS Update GPO V1.0
Setting: Software\Policies\Microsof
State: Enabled
R SETTINGS
-----------
CN=Bill Ettinger (Administrative Account),OU=Administrative
tration,DC=na,DC=watson,DC
Last time Group Policy was applied: 7/24/2006 at 11:07:48 AM
Group Policy was applied from: usnysrv0013.na.watson.com
Group Policy slow link threshold: 500 kbps
Applied Group Policy Objects
--------------------------
Default Domain Policy V1.4
The following GPOs were not applied because they were filtered out
--------------------------
Local Group Policy
Filtering: Not Applied (Empty)
The user is a part of the following security groups:
--------------------------
Domain Users
Everyone
BUILTIN\Power Users
BUILTIN\Users
BUILTIN\Administrators
DP-Ccat-001-R
AP-Citrix-004-Admin
AP-Citrix-003-Admin
DP-MRPIISupply-001-R
OP-IDs-001-R
DP-Watsonprodu-001-R
DP-LocAdmin-001-R
DP-SAPEndUser-001-R
PP-Audit-001-R
AP-Websens-001-GUser
DP-SupAudits-001-R
PP-ECR-001-C
Dp-SLCtraining-001-R
DP-GPOBackup-001-C
DP-IS-001-C
DP-MRPII-001-R
DP-changedecis-001-R
Citrix XP Admins
DP-SAPUAT-001-R
DP-ProjectExch-001-C
PP-Change-001-R
PP-CFG-002-C
!usnysrv0004
OP-AppsInst-001-Admin
DP-csgroups-001-C
DP-Steris-001-C
Domain Admins
PP-HUD-001-R
DP-Templates-001-R
DP-ITProjectRe-001-R
DP-MiamiTrans-001-R
!wks-Workstation-001
!uscasrt0003
AP-Argent-001-Admin
DP-ITinfrastru-001-R
DP-NewSAPAccou-001-R
PP-Chuck-001-R
DP-SDLCandPMM-001-R
AP-Altiris-001-GOP
OP-Wireless-001-User
PP-Auditdoc-001-R
OP-AppsInst-001-Admin-Loca
DP-GPOBackup-001-C-Local
LOCAL
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
Resultant Set Of Policies for User:
--------------------------
Software Installations
----------------------
N/A
Public Key Policies
-------------------
N/A
Administrative Templates
------------------------
N/A
Folder Redirection
------------------
N/A
Internet Explorer Browser User Interface
--------------------------
N/A
Internet Explorer Connection
--------------------------
N/A
Internet Explorer URLs
----------------------
N/A
Internet Explorer Security
--------------------------
N/A
Internet Explorer Programs
--------------------------
N/A
>
it sounds like you are applying a user GPO to a computer OU (or vice versa)
OK, I can't see any user assigned GPO's there that have been filtered out. Perhaps this is because you have run it as your admin user and they are not applied to
OU=Administrative Accounts,OU=Administration ,DC=na,DC= watson,DC= com
or OU=Administration,DC=na,DC =watson,DC =com
Where is the GPO applied to and where is the user who it should apply to (and what is it called). Have a look at the commandline options on gpresult to run it as a different user (I don't have XP here to check syntax). gpresult /?
Steve
OU=Administrative Accounts,OU=Administration
or OU=Administration,DC=na,DC
Where is the GPO applied to and where is the user who it should apply to (and what is it called). Have a look at the commandline options on gpresult to run it as a different user (I don't have XP here to check syntax). gpresult /?
Steve
ASKER
The GPO is using the User Configuration part as screen saver timeout is in that area. It is also a computer OU that the GPO is being applied to. Here is more information from Gpresult:
N:\>gpresult
Microsoft (R) Windows (R) XP Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
Created On 7/24/2006 at 11:48:37 AM
RSOP results for WATSON_DOMAIN\bettinge on USNYDSK0299 : Logging Mode
-------------------------- ---------- ---------- ---------- ---------- ----
OS Type: Microsoft Windows XP Professional
OS Configuration: Member Workstation
OS Version: 5.1.2600
Domain Name: WATSON_DOMAIN
Domain Type: Windows 2000
Site Name: CAR01
Roaming Profile:
Local Profile: C:\Documents and Settings\bettinge
Connected over a slow link?: No
COMPUTER SETTINGS
------------------
CN=USNYDSK0299,OU=Kiosk,OU =Single Function Workstation,OU=CAR,OU=NY,O U=US,DC
=na,DC=watson,DC=com
Last time Group Policy was applied: 7/24/2006 at 11:37:41 AM
Group Policy was applied from: usnysrv0013.na.watson.com
Group Policy slow link threshold: 500 kbps
Applied Group Policy Objects
-------------------------- ---
General Watson Workstations SUS Update GPO V1.0
Default Domain Policy V1.4
The following GPOs were not applied because they were filtered out
-------------------------- ---------- ---------- ---------- ---------- -
Special Function US NY Carmel Empower Workstation GPO V1.1
Filtering: Not Applied (Empty)
Local Group Policy
Filtering: Not Applied (Empty)
The computer is a part of the following security groups:
-------------------------- ---------- ---------- ----------
BUILTIN\Administrators
Everyone
Debugger Users
BUILTIN\Users
USNYDSK0299$
Domain Computers
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
USER SETTINGS
--------------
CN=Bill Ettinger,OU=Users,OU=CAR,O U=NY,OU=US ,DC=na,DC= watson,DC= com
Last time Group Policy was applied: 7/24/2006 at 11:37:41 AM
Group Policy was applied from: usnysrv0013.na.watson.com
Group Policy slow link threshold: 500 kbps
Applied Group Policy Objects
-------------------------- ---
Default Domain Policy V1.4
The following GPOs were not applied because they were filtered out
-------------------------- ---------- ---------- ---------- ---------- -
Local Group Policy
Filtering: Not Applied (Empty)
The user is a part of the following security groups:
-------------------------- ---------- ---------- ------
Domain Users
Everyone
BUILTIN\Power Users
BUILTIN\Users
BUILTIN\Administrators
DP-Ccat-001-R
AP-Citrix-004-Admin
AP-Citrix-003-Admin
DP-MRPIISupply-001-R
DP-INFOLIB-001-R
OP-IDs-001-R
DP-Watsonprodu-001-R
DP-SAPEndUser-001-R
AP-Websens-001-GUser
DP-SupAudits-001-R
DP-ProjectDoc-001-R
Dp-SLCtraining-001-R
DP-IS-001-C
DP-MRPII-001-R
DP-changedecis-001-R
DP-MSAccess200-001-R
OP-Remote-001-Users
DP-SAPUAT-001-R
DP-Facilities-003-C
OP-ITNocPage-001-Users
DP-ProjectExch-001-C
OP-AppsInst-001-Users
DP-ScoreMRPII-001-R
DP-Steris-001-C
Domain Admins
DP-Templates-001-R
DP-ITProjectRe-001-R
DP-MiamiTrans-001-R
DP-ScoreSite-001-R
AP-HotDox-001-UsersC
DP-MSAccess200-002-C
AP-Argent-001-Admin
DP-ITinfrastru-001-R
DP-NewSAPAccou-001-R
DP-SDLCandPMM-001-R
OP-Wireless-001-User
DP-Documentsma-001-C
OP-AppsInst-001-Users-Loca l
LOCAL
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
N:\>
N:\>gpresult
Microsoft (R) Windows (R) XP Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
Created On 7/24/2006 at 11:48:37 AM
RSOP results for WATSON_DOMAIN\bettinge on USNYDSK0299 : Logging Mode
--------------------------
OS Type: Microsoft Windows XP Professional
OS Configuration: Member Workstation
OS Version: 5.1.2600
Domain Name: WATSON_DOMAIN
Domain Type: Windows 2000
Site Name: CAR01
Roaming Profile:
Local Profile: C:\Documents and Settings\bettinge
Connected over a slow link?: No
COMPUTER SETTINGS
------------------
CN=USNYDSK0299,OU=Kiosk,OU
=na,DC=watson,DC=com
Last time Group Policy was applied: 7/24/2006 at 11:37:41 AM
Group Policy was applied from: usnysrv0013.na.watson.com
Group Policy slow link threshold: 500 kbps
Applied Group Policy Objects
--------------------------
General Watson Workstations SUS Update GPO V1.0
Default Domain Policy V1.4
The following GPOs were not applied because they were filtered out
--------------------------
Special Function US NY Carmel Empower Workstation GPO V1.1
Filtering: Not Applied (Empty)
Local Group Policy
Filtering: Not Applied (Empty)
The computer is a part of the following security groups:
--------------------------
BUILTIN\Administrators
Everyone
Debugger Users
BUILTIN\Users
USNYDSK0299$
Domain Computers
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
USER SETTINGS
--------------
CN=Bill Ettinger,OU=Users,OU=CAR,O
Last time Group Policy was applied: 7/24/2006 at 11:37:41 AM
Group Policy was applied from: usnysrv0013.na.watson.com
Group Policy slow link threshold: 500 kbps
Applied Group Policy Objects
--------------------------
Default Domain Policy V1.4
The following GPOs were not applied because they were filtered out
--------------------------
Local Group Policy
Filtering: Not Applied (Empty)
The user is a part of the following security groups:
--------------------------
Domain Users
Everyone
BUILTIN\Power Users
BUILTIN\Users
BUILTIN\Administrators
DP-Ccat-001-R
AP-Citrix-004-Admin
AP-Citrix-003-Admin
DP-MRPIISupply-001-R
DP-INFOLIB-001-R
OP-IDs-001-R
DP-Watsonprodu-001-R
DP-SAPEndUser-001-R
AP-Websens-001-GUser
DP-SupAudits-001-R
DP-ProjectDoc-001-R
Dp-SLCtraining-001-R
DP-IS-001-C
DP-MRPII-001-R
DP-changedecis-001-R
DP-MSAccess200-001-R
OP-Remote-001-Users
DP-SAPUAT-001-R
DP-Facilities-003-C
OP-ITNocPage-001-Users
DP-ProjectExch-001-C
OP-AppsInst-001-Users
DP-ScoreMRPII-001-R
DP-Steris-001-C
Domain Admins
DP-Templates-001-R
DP-ITProjectRe-001-R
DP-MiamiTrans-001-R
DP-ScoreSite-001-R
AP-HotDox-001-UsersC
DP-MSAccess200-002-C
AP-Argent-001-Admin
DP-ITinfrastru-001-R
DP-NewSAPAccou-001-R
DP-SDLCandPMM-001-R
OP-Wireless-001-User
DP-Documentsma-001-C
OP-AppsInst-001-Users-Loca
LOCAL
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
N:\>
What is the policy name that you made the changes to that are not applying?
If it is a computer OU that it is being applied to and it is a user config. then nothing will happen, it needs assigning to a container with the users is....
Steve
Steve
ASKER
The policy name is "Special Function US NY Carmel Empower Workstation GPO V1.1". The GPO is set to be read by all authenticated users so it should apply to them.
OK it's applying to the workstation, but the Computer Config is empty.
I don't see it applying at all to the User - so as Dragon-it has stated above, the User Accounts must be in the path of the policy.
I don't see it applying at all to the User - so as Dragon-it has stated above, the User Accounts must be in the path of the policy.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Good eyes.
Since the users won't likely be there, then loopback is the only way to go on that policy.
Since the users won't likely be there, then loopback is the only way to go on that policy.
ASKER
I will test your suggestions tomorrow! Thanks for the help!
ASKER
I want to thank all for their help!! This seems to have solved problem. I did accept Netman66's answer but want to give Dragon-It honorable mention!!
Er it was actually I that suggested loopback would solve :-(
Agreed. Dragon-IT actually suggested this - I was simply agreeing with him.
Please post a Q in Community Support to reopen this and assign points accordingly.
Please post a Q in Community Support to reopen this and assign points accordingly.
Sounds fair to me, thanks. I am a fair way behind you in points though, think you might take a bit of catching up mind somehow ;-)