Solved

GPO not taking effect

Posted on 2009-07-09
7
248 Views
Last Modified: 2013-12-04
I have recently added a GPO that enables account logon events to be logged on all workstations. I have created/linked/enabled the GPO and made the proper configs in the audit policy. I ran gpupdate /force on the server and workstation but my settings are not taking effect. What am I doing wrong?
0
Comment
Question by:mhmservices
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 11

Accepted Solution

by:
willettmeister earned 200 total points
ID: 24817344
You must have a GPO higher in precedence that is setting a conflicting policy.  Run gpresult against the traget workstation and look at the GPO's that are being applied and check to ensure that nothing is conflicting with your new policy.
0
 

Author Comment

by:mhmservices
ID: 24817377
It is saying that it was "filtered out"
0
 
LVL 11

Assisted Solution

by:snoopfrogg
snoopfrogg earned 150 total points
ID: 24817394
Like willettmeister referred to, do you have other GPOs with auditing settings enabled or disabled?  Does the GPO you created have any filtering enabled via security group or user permissions?  Are WMI filters in use on the GPO?
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 11

Expert Comment

by:willettmeister
ID: 24817401
You must be using either security filtering or WMI filtering then  Check the GPO to ensure that you are in the correct security group or that the the system you are looking at satisfies the WMI query.
0
 
LVL 20

Assisted Solution

by:MightySW
MightySW earned 150 total points
ID: 24817403
Yes, it was filtered out because the default domain policy is conflicting.  You need to either create another OU, block inheritance, and then link that OU or have it overwritten by the Default Domain Policy.
0
 
LVL 20

Expert Comment

by:MightySW
ID: 24817424
Also, you need to just ensure that you apply it to authenticated users...Don't get fancy with groups when you are trying to troubleshoot GPO's.

Create the separate OU or change the security / audit settings in the Default Domain Policy.  
0
 
LVL 11

Expert Comment

by:snoopfrogg
ID: 24817482
I'd definitely stay away from filtering via security principals as it makes troubleshooting issues like this more difficult.  I prefer to use WMI or the methods MIghtySW mentioned (create another OU, or block inheritance).
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question