GPO not being applied unless PC is rejoined to the domain
Posted on 2006-11-21
We have recently started to use GPOs throughout our company and thought everything was going according to plan until we discovered that certain policies are not being applied to certain computers. Amongst them is a policy to disable mass USB storage devices, and also a policy that installs Flash on the PC.
This is not affecting all the PCs, only certain ones. We only use Windows 2000 and Windows XP clients and this problem is not specific to either one. All our domain servers are Windows 2003.
As I mentioned, this is not a domain wide problem as it only affects certain PCs. I have today found two identical PCs, same Dell model, same operating system (windows 2000), same patches and security updates installed......yet one of them applies all the policies at logon and the other one only applies certain policies..
I have found that if I 'un-join' the problem PC from the domain, add it to a workgroup, reboot, rejoin the domain then all of the policies work as they should.
I know that I can get around this problem by rejoining the PCs to the domain, but could someone suggest why this is happening and if there is something I can do instead of rejoining each PC to the domain ?
thanks in advance for any help