Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

GPO not assigned to one computer for logon script

Posted on 2010-11-19
7
Medium Priority
?
752 Views
Last Modified: 2012-05-10
Hi experts,

Group policy does not seem go control one computer of the eight that I have. I have SBS 2008 and all XP Pro computers. The computer works fine, is one the domain and can network with the server with no issues.

I have done the Group Policy Results for each computer and user for comparison, and there are some errors in a few of them. I can also run an RSoP.

In the Group Policy Management in the Default Domain Policy under Scope, it lists the that Domain Admins and Domain Users are in the Security Filtering, but the WMI filtering is set to none. There is a selection for Windows XP Clients, but I don't know why that would help if most of the computers are working any.

Thanks for any help.

Bert
0
Comment
Question by:Bert2005
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 27

Expert Comment

by:KenMcF
ID: 34179572
Are other policies getting applied on this computer?
What are the errors you are getting?

Can you run gpresult on a computer that is working and the one that is not and post.
also run gpresult /v to compare.

Are there any errors in the event logs on the comuter?

Are you using Group Policy Preferences? Make sure you have the client side extensions install on the computer.
http://www.microsoft.com/downloads/en/details.aspx?familyid=E60B5C8F-D7DC-4B27-A261-247CE3F6C4F8&displaylang=en
0
 
LVL 24

Accepted Solution

by:
Awinish earned 2000 total points
ID: 34179600
GPO, not applying can be because of many reason it can NIC issue, permission issue, corruption on system files or antivirus is not letting it to apply or might be Virus issue.

As, you said its applying except one system, it looks to be more system related than GPO error but for your confirmation you can use gpotool.exe to check health of GPO & also make sure replication is working fine & dc is not reporting the error.

You can also use gpupdate /force cmd on client machine & try to reboot & check the result.
In order to break the puzzle, it best start with RSOP.MSC & that you might have already tried,so try to enable userenv logging to troubleshoot the GPO application error in depth.

http://blogs.technet.com/b/askds/archive/2008/11/11/understanding-how-to-read-a-userenv-log-part-1.aspx
0
 
LVL 1

Author Comment

by:Bert2005
ID: 34181066
Thanks guys,

Appreciate your input. Looks like I have a lot to do. Ken, I lied after I went back and checked, none of the group policy is working on this machine.

Let me take one step at a time and post back. I did do the gpresult I think. I know I did all of the checks but didn't run RSoP as I didn't want to duplicate anything. I will post both for two machines.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 1

Author Comment

by:Bert2005
ID: 34181076
All I did was run gpupdate /force n the bad machine, and it is working now. I didn't know I could do that.
0
 
LVL 1

Author Closing Comment

by:Bert2005
ID: 34181314
It is so nice when the easiest thing is what fixes it. It definitely worked with the client gpupdate. I appreciate all the help and will save the two comments to my knolwedge base as there is clearly more information here that is usable.
0
 
LVL 24

Expert Comment

by:Awinish
ID: 34182187
Great, its working..:)
0
 
LVL 1

Author Comment

by:Bert2005
ID: 34182610
Yes, and my staff can't come in late anymore. :-)
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question