Solved

Group Policy Issue

Posted on 2011-02-23
5
452 Views
Last Modified: 2012-05-11
Hi

We have 3 group policies configured.  1 is root on the domain, 2nd is for a proxy server (which is configured for loopback processing) for computers not users, and a third is for users only.

problem is the users only policy isnt being picked up.  i suspect this is becase of the loopback setting on the proxy policy.

an ideas?
0
Comment
Question by:CHI-LTD
  • 2
  • 2
5 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 34959762
How do you mean the users only policy is being picked up?
On what OU's are the policies defined? Are the policies against the right OU's for your users and your computers?
What output does an gpresult.exe /z give on a workstation?
0
 
LVL 11

Expert Comment

by:Tasmant
ID: 34959978
you should only apply loopback processing mode if necessary.
i don't think you need it here.
proxy settings have to be applied in the user part of the GPO applied to your users.
so you can delete the loopback GPO.

when applying loopback policy mode on computers, then when an user connect on, the user takes all the gpos where the computer belong, and not the user.
0
 
LVL 1

Accepted Solution

by:
CHI-LTD earned 0 total points
ID: 34996433
Had to get rid of the loopback processing as issues elsewhere.

Now using:

UserConfg-WindowsSettings-InternetExplorerMaintenance-Connection-ProxySettings (preference Mode)
Interent Explorer Maintenance set to Preference Mode.

Policy now applies to users however if the interent connection settings are changed - i.e. user disables proxy the GPO doesnt reapply on logon.
Is there any way of forcing the GPO for this IE maintenance setting?

I will then also disable the conenctions topion in GPO - but need to ensure the policy is forced/applied.

thx
0
 
LVL 11

Expert Comment

by:Tasmant
ID: 35012400
yes you can force IE part of the GPO to apply at each refresh:
Computer Configuration\Administrative Templates\System\Group Policy\Internet Explorer Maintenance policy processing
Check the "Process even if the Group Policy Objects have not changed".
This will apply the CSE "Internet Explorer Maintenance" (Client Side Extension) at each GPO background refresh, by default every 90 minutes on client computers.
0
 
LVL 1

Author Closing Comment

by:CHI-LTD
ID: 35115245
used the preference mode (per OU policy)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question