I have the following problem with group policy:
On a Windows 2003 domaincontroller I have the following group policy:
Default Domain Controller Policy, with the following settings:
Permit Acces to the control panel , Enabled
Hide all items on desktop, Enabled
Administrator Policy with the following settings:
Permit Acces to the control panel , Disabled
Delete the run item from the control panel, Disabled
So the adminstrators has access to the control panel, and the users don't
If I use the Group Policy Management tool from Microsoft, for simulating the GPO's is receive the following results:
For the user on a XP machine:
I see the GPO Default Domain Policy is Apllied, and the Administrator policy is denied, so this is OK.
When I look at the settings, I see the settings for desktop and control panel are enabled, so there not visible, this seems to be OK.
But now the administrator on a XP machine.
I see now both domain and admin policies are enabled.
When I go to the settings results, I see the following.
permit acces to control panel, disabled , winning GPO Admin policy.
This is OK, but now here is the problem, I don't see the other policy of the desktop items, wheiter it is disabled or enabled, it just doesn't show up!