• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 482
  • Last Modified:

Computer GPO Applying... But not....

Hello All

I'm attempting to apply a GPO to an OU containing users and computers, and specifically I'm attempting to enable "Offer Remote Assistance". I've created the GP, enabled the link and enforced it. On the test client machine (xp pro) I've run gpresult and confirmed that the policy is being applied to the Computer Settings. Problem is that when I run gpedit.msc the GP does not appear to have been applied, as remote assitance still shows as not configured. Also, remote assistance is not working. Any suggestions please?
0
jostafew
Asked:
jostafew
  • 5
  • 3
  • 2
2 Solutions
 
fuzzer123456Commented:
Try running a gpupdate /force comand on it.

If not that , have you got a local policy setup on the machine? this will over rule the domain one.
0
 
jostafewAuthor Commented:
Ok, ran that cmd but no change. I haven't applied a local policy to the machine, but I can't say for sure that it hasn't been done by other means. How can I confirm if there are any policies in place?
0
 
fuzzer123456Commented:
gpresult will give you a definitive list of applies policies on the computer. Running GPEDIT.msc will open the local policy . This doesnt change when the GP is being applied to the computer.

gpresult is the only real way to see what is and what isnt being applied. Have you tried to do something else with the GP? I would also try adding a user based GP too such as remove the clock to see if its working for user and not computer.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Rick FeeMessaging Engineer - Disaster Recovery EngineerCommented:
Run RSOP.MSC which is Resultant Set of Policy that is query engine that polls existing policies and planned policies for the workstation or servers
0
 
jostafewAuthor Commented:
It appears that my original question is taking a bit of a turn. I've confirmed that my policies are being applied using RSOP and I can successfully offer and begin providing remote assistance to one of several test machines. That being said it's still failing on a couple others. I'm trying to determine why I'm not getting anywhere on those machines, but in the meantime I will welcome any suggestions.
0
 
Rick FeeMessaging Engineer - Disaster Recovery EngineerCommented:
Beyond saying that the GPO is failing are you getting any error messages in the event logs.   Or when you run rsop on a workstation that failed to apply getting any warnings there.    The workstations are talking to the DCs without issue via DNS?    I have also seen various switch configurations caused GPO issues but that is mainly when applying software.    Lock down the ports so there is no auto negotiation will fix that.   Turn off spanning tree protocol.
0
 
jostafewAuthor Commented:
Sorry, maybe my wording wasn't the best. On all machines I've confirmed that the GPO is being applied properly, but the remote assistance etc. fails.  The workstations have good connectivity to the DC, I don't see any issues there. I'm now using a handy gadget for Vista found here: http://www.scriptingpod.com/rcf-gadget.asp that allows me to quickly initiate a help session or do other tasks like check basic machine info. On the failing machines, if I attempt to check basic info I get an error; RPC server unnavailable. If I attempt to offer RA it fails with an error about computer name and permissions. I've created GPOs to allow RA, added the administrators group and my regular account as approved accounts, enabled ping (ICMP), and enabled remote desktop. I'll keep working at it but I'm starting to run out of ideas.
0
 
jostafewAuthor Commented:
I forgot to add that on a problem machine I can initiate RA through an emailed invitation, but cannot initiate it remotely.
0
 
fuzzer123456Commented:
How about just using VNC ? would be much easier in the long term.
0
 
jostafewAuthor Commented:
VNC would be a considerable investment... RA is free ;-) I think I should really start this thread over in another topic as my original question was answered.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now