Solved

User Group Policy Update - From Admin Command Prompt

Posted on 2010-09-22
3
1,276 Views
Last Modified: 2012-05-10
I have a domain running Vista workstations and Server 2008 DC's across 3 sites, all in the same domain.

I need to be able to force a GPupdate for a specific user (the logged on user) but they are restricted from accessing the command prompt.

If I open the command prompt as domain admin and run a gpupdate /force it seems to only update the policy for the computer and the ADMIN user, not the currently logged on user.

Same thing with rsop. It reports on the computer policy and the DOMAIN\Administrator policy rather than the currently logged on user.

Without the domain user being able to access the command prompt, how can I force an update of their user GPO?
0
Comment
Question by:ThePhreakshow
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 31

Expert Comment

by:Justin Owens
ID: 33739727
When you open up the command prompt as your domain admin, you are running it as that user, so any GPOs you update will be FOR that user (the admin).  The easiest answer is to give (even if only temporarily) your user admin rights.  Also, a reboot should have the same effect as a gpudate.  Another option would be if the user can get to a Run line, the user can run a gpupdate /force from there, and just not see the results.  OR, you can use RUNAS from the admin window to run GPUPDATE as the user in question, but that might yield mixed results.
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 33741280
try to run this command this way

runas /user:<this_particular_user> "gpupdate /force"

give this user's password and it would work on its account
0
 
LVL 5

Expert Comment

by:balmasri
ID: 33742780
option 1 Just restart the computer.
option 2 wait 90min until the group policy is refreshed
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Ready for our next Course of the Month? Here's what's on tap for June.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question