Solved

Group Policy Issue

Posted on 2011-02-23
5
457 Views
Last Modified: 2012-05-11
Hi

We have 3 group policies configured.  1 is root on the domain, 2nd is for a proxy server (which is configured for loopback processing) for computers not users, and a third is for users only.

problem is the users only policy isnt being picked up.  i suspect this is becase of the loopback setting on the proxy policy.

an ideas?
0
Comment
Question by:CHI-LTD
  • 2
  • 2
5 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 34959762
How do you mean the users only policy is being picked up?
On what OU's are the policies defined? Are the policies against the right OU's for your users and your computers?
What output does an gpresult.exe /z give on a workstation?
0
 
LVL 11

Expert Comment

by:Tasmant
ID: 34959978
you should only apply loopback processing mode if necessary.
i don't think you need it here.
proxy settings have to be applied in the user part of the GPO applied to your users.
so you can delete the loopback GPO.

when applying loopback policy mode on computers, then when an user connect on, the user takes all the gpos where the computer belong, and not the user.
0
 
LVL 1

Accepted Solution

by:
CHI-LTD earned 0 total points
ID: 34996433
Had to get rid of the loopback processing as issues elsewhere.

Now using:

UserConfg-WindowsSettings-InternetExplorerMaintenance-Connection-ProxySettings (preference Mode)
Interent Explorer Maintenance set to Preference Mode.

Policy now applies to users however if the interent connection settings are changed - i.e. user disables proxy the GPO doesnt reapply on logon.
Is there any way of forcing the GPO for this IE maintenance setting?

I will then also disable the conenctions topion in GPO - but need to ensure the policy is forced/applied.

thx
0
 
LVL 11

Expert Comment

by:Tasmant
ID: 35012400
yes you can force IE part of the GPO to apply at each refresh:
Computer Configuration\Administrative Templates\System\Group Policy\Internet Explorer Maintenance policy processing
Check the "Process even if the Group Policy Objects have not changed".
This will apply the CSE "Internet Explorer Maintenance" (Client Side Extension) at each GPO background refresh, by default every 90 minutes on client computers.
0
 
LVL 1

Author Closing Comment

by:CHI-LTD
ID: 35115245
used the preference mode (per OU policy)
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question