How to use Offline files for laptops and not for workstations

OK, my question is this, I have 2003 server R2, and windows xp pro workstations and laptops.

Now currently users have all offline files disabled (using group policy) as I did not want the workstations to sync with offline files. I did this by disabling all the offline files options I could find in group policy as when I first setup the environment, the offilne files kept syncing.  That works fine, user logs in, and nothing syncs. Now I have to get their laptops to work so that when the user is off the network at home, they can still work with their files and when they come back and connect it syncs up any changes. I have tried to create another policy for the laptops and moved the laptops into that container AD and then created a new GP and defined offline files is enabled. Currently though this is not working and the offline files options are greyed out when I login to the laptop as a user.

So have I done this right for using offline files on laptops. Currently the user GP will tell the computer no offline files, but I want only laptops to use offline files. HELP please.. thank you in advance.
LVL 2
moonlightallanAsked:
Who is Participating?
 
AmericomConnect With a Mentor Commented:
Again, parent OU group policies are applied before child OU group policies. Policies applied later will overwrite policies applied earlier unless the No Override option is enabled on a GPO link.
0
 
AmericomCommented:
You are doing the right thing I believe. You would create an OU and move your laptop there then apply the Offline-Enabled GPO to this laptop OU. To be sure the policy is applied to this OU, pick one machine and run a gpresult to see what GPOs actually being applied. My guess is you probably have both the User and Computer configuation configured. If so, then you need to disable the User configuration and only enable for Computer configuration as you are intending to apply to computer and not users.
0
 
fingwongCommented:
Hi There

AS I uncerstand, you have moved all the laptops into a OU and applied a GPO to that OU allowing them access to ofline files.  However, as you have mentioned, Offline Files is a user configuration, so in order to enable the setting for just those users, the user accounts would have to reside in that same OU as well.

The option is greyed out because, the User accounts are having Group Plocies applied to them from either another OU, or its being cascaded down from a Domain Policy.

One way to resolve it would be to move users from their respective OU, to the same OU as the Laptops.  Or within Group Policy management console, set -up a filter on the security tab, so that these users didnt have the ability to read whichever GPO was stopping them having access to "Offline Files".

This, however has its down side, beacuse it would ignore every setting on the "ignored" Group Policy and not just the "Offline Files" setting.

Hope this helps.  

Fingwong
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
moonlightallanAuthor Commented:
In reply to Americom:  Well I will tell you more information. We are a school so currently I have OU's for Staff, Pupils, and the computers are in OU's for their area so that I can role out printers. Now the PC's i do not want offline file sync to take place. So in an effort to stop that I disabled all the offline file settings in the GP for Staff and Pupils and the computer. If I now enable those in the newly created Laptop OU will this override the existing settings I have disabled? Im not sure how the settings for a USER work in the Laptop OU, and so I  have currently only changed the GP for the COMPUTER in the Laptop OU not USER. .
0
 
moonlightallanAuthor Commented:
so basically the Staff or Pupils when they login will not have offline file enabled. I just want the laptops to have offline file sync working.
0
 
AmericomCommented:
If the newly created OU is under the OU where you applied the Offline-files disabled, and the new GPO for enabling the Offline-files is applied to the newly created OU, it will be the last to applied, thus enabled. Parent OU group policies are applied before child OU group policies. Policies applied later will overwrite policies applied earlier unless the No Override option is enabled on a GPO link.
You don't need to do anything with the Users configuration(assuming is is not configred) as it has less options than the Computer configuration.
0
 
moonlightallanAuthor Commented:
so are you saying to create the laptop OU inside the Staff OU ?
0
 
moonlightallanAuthor Commented:
if i put the Laptop OU inside the Staff OU then the Laptop OU would become a child of Staff. But if so I thought the child has lower priority and therfore offline would still be disabled ?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.