• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 442
  • Last Modified:

GPO adm template not staying unchecked

I have added a custom adm template to redirect users favorites folder.  I have to uncheck the "Only show policy settings that can be fully managed" box to get setting to appear in the GPO.  It works great "once".  I log on and the setting is applied correctly.  The problem is if I go into the registry and change my favorites setting under User Shell folders and re-logon, it doesn't get reapplied.  I go back to my GPO and have to uncheck the box again, then re-logon to get the setting applied again.

Is there anyway for this adm to work on every login without having to go into the GPO and uncheck the "Only show policy settings that can be fully managed" box everytime?
0
RFiorini
Asked:
RFiorini
  • 3
  • 3
1 Solution
 
iedenCommented:
enforce the policy.
0
 
RFioriniAuthor Commented:
The policy is enforced.
0
 
Spike99On-Site IT TechnicianCommented:
The "only show policy setitngs that can be fully managed" is always checked by default.  I don't think there's anything you can do to change it, though.

However, I don't think it's any cause for concern: that setting only affects which policies you see when you edit the GPO: it has no impact on how the GPO is applied.  It's intensely annoying that you have to change the view setting every time you edit GPOs, but that's just the way it works.

Is the GPO linked to the user OU or the server OU? If it's linked to the server OU, be sure that you have loopback policy processing of group policy enabled otherwise the policy won't be applied.  Here's some info on that:
     http://support.microsoft.com/kb/231287

You might want to run GPRESULT in a DOS window to see what policies are being applied.  Here's the MS technet article on how to run GPRESULT from the command line:
   http://technet.microsoft.com/en-us/library/cc755461%28WS.10%29.aspx

Alicia
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
RFioriniAuthor Commented:
Thanks Alicia for you response.  This is all about redirecting folders.  Tried through GPO.  Sometimes it works, other times not.  Tried through scripts to import registry keys, again, sometimes and sometimes not.  Tried with adm template, again, same pattern.  Does Microsoft do anything that works the same way all the time?  And this all came about because the mapping of a users home directory through the Active Directory sometimes falls short of mapping to the users directory and winds up mapping to the root share.  I'd be seriously chasing my tail if I had one.

Anyway, thanks again for your response.

Bob
0
 
iedenCommented:
I've found that modifying certain defaults in Windows the application of folder redirection can be adversly affected.
1. The HDD needs to be NTFS
2. The My Documents folder needs to be in the Users profile.
3. The Temporary Internet Files folder needs to be in the Local Settings directory of the users profile.
4. Profile must be owned by the user and not a group.
0
 
RFioriniAuthor Commented:
Thanks ieden.  I'll give all that a try.
0
 
iedenCommented:
Also in the policy you might want to enable loopback processing.
Setting permissions on redirected folders can be pretty tricky too.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now