Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Computer GPO Access Denied

Posted on 2009-04-08
2
640 Views
Last Modified: 2012-05-06
Hi

I created a gpo on a windows 2003 serve to apply to a windows xp client. I had some settings on both user and computer settings, so i enabled loopback. Then i removed the authenicated user from the gpo and applied the user group i want for this gpo and then linked the gp to an ou that contains both the users and pc's in question. Now when a user logs on the user side settings allpy but not the computer side and if i run gpresult it tells me the computer side gpo did not apply access denied. Now if i add the target pc to the security tab and reboot the pc it then works. is this the case? do i have to add every single pc to this security filter as well as users?

ta
0
Comment
Question by:kingcastle
2 Comments
 
LVL 49

Accepted Solution

by:
Akhater earned 300 total points
ID: 24095805
Yes this is the case,

since it is a loopback policy then the computer is the one reading it and applying it on the user,

So the computer should have permissions on it
0
 
LVL 18

Assisted Solution

by:Americom
Americom earned 200 total points
ID: 24104169
It's kind of tough to manage GPOs in your OU layout. By configuring both User settings as well as computer settings in the same GPO and linked ot OU with both computers and user accounts plus loopback makes it even more complicated.

You said that all your user settings gets applied but not computer settings, I'm just curious why and how you use the loopback policy as well as what computer and user settings in this GPO.

My suggestion is it would be a lot easier to separate and create one root OU for workstations and one for Users. Under each root OU, organize the objects by locations as user and workstation account are more senetive to location. This way, you would have a better control of GPO links as well as a better way of eliminating extra works and reduce complexity of your GPO and OUs in the future.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question