Solved

Win2k3 doesn't enforce Win2k8 Global Policy

Posted on 2010-09-08
9
596 Views
Last Modified: 2012-05-10
Server 1 = Win2k3 Standard ( No R2 ), Latest SP, Hotfixes, Updates, 32bit
Server 2 = Win2k8 R2 Standard, Latest SP, Hotfixes, Updates, 64 Bit

I have a problem where I have two DC's in a domain. I have created a Global Policy under User Config in Server 2 using the GP Preferences. However, when you view the GP in Server 1, it does NOT show the policies under User Config Preferences. Infact, when creating a GP in Server 1, it doesn't show Preferences as an option. I've installed Windows-KB943729-x86-ENU.exe on Server 1, but that hasn't changed anything.

I'm including two snapshots. Each showing the GP on their respective servers. I would be extremely grateful if someone could help me in getting Server 1 to work with GP Preferences :)


Win2k3GP.jpg
Win2k8GP.jpg
0
Comment
Question by:fgarufijr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 33625881
Preferences only exist on 2008, you should really be doing all management from your 2008 server or connecting managemnt tools to that server.

Just forget about the 2003 server now and look at upgrading it.







0
 

Author Comment

by:fgarufijr
ID: 33625910
I created the GP in Win2k8.... When some workstations weren't showing the GP, I went and did a RSOP.msc to see if the policy came down to the workstation. Thats when I noticed that they didn't get the User Preferences, so they must have gotten the policy from Server 1 which is the Win2k3 server.

Is there a way to make sure that workstations only look at the Win2k8 server to get its policy updates?
0
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 33625924
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:fgarufijr
ID: 33625932
Sorry... They are Win 7 Pro clients.
0
 

Author Comment

by:fgarufijr
ID: 33625964
I'm attaching a screenshot of the Win7 RSOP.MSC. You will notice in the screenshot that the GP for the Computer Config has come down, but the User Config has not due to Preferences
Win7GP.jpg
0
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 33626017
0
 

Author Comment

by:fgarufijr
ID: 33626263
Thanks Mojo....

I've read the entire article and from what I've read, I should be able to see the User Preferences in GPM on my Win2k3 DC after installing KB943729... And yet, I still cant.

Basically, the short of the article is that with KB943729 installed, Preferences should be enabled in Group Policy.

Does it matter that the DC is NOT Win2k3 R2??
0
 
LVL 24

Accepted Solution

by:
Mike Thomas earned 500 total points
ID: 33626302
It should work this MS article list some pre reqs at the bottom though for "XmlLite" has this been installed?

http://support.microsoft.com/kb/943729
0
 

Author Comment

by:fgarufijr
ID: 33626388
Yep... XMLLite must be installed. I just downloaded it from the link in that article and it said that my service pack is newer than the file that was being installed so there was no need to apply that update.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question