I have a nice size domain and my GPOs recently stopped working. If i use the GPO Modeling, it shows what should be the correct GPOs to be supplied to the clients. Also, if i run a GPUPDATE /force from the domain controller logged on as myself (a domain admin), it shows exactly what is in the GPO Modeling and all looks fine.
HOWEVER, if i run check my GPOs from any other machine and run a GPUPDATE /FORCE, it is getting GPOs that used to be aplpied but are no longer valid. The GPRESULT on these machines shows that is checked the same domain controller that i did the correct gpresult on earlier and it shows that its results are current.
I cant figure out why the client machines are getting the latest GPOS.
This is happening on all clients. Some client are in a different vlan, behind a cisco pix, but this is happening even on the same subnet as the servers, so the pix rules are not causing it.