Solved

Can't deploy registry setting via GPP

Posted on 2011-03-03
9
1,232 Views
Last Modified: 2013-12-27
Hello all

I'm trying to create an "Auto Logon" procedure for a render farm at an animation company.  Basically I'm trying to add\update registry keys that will enable AutoLogon.  We have a Windows 2003 R2 Server (with SP2).  I have installed RSAT on a Windows 7 64bit domain member and tried configuring the Group Policy Preference from there.  I create the registry keys etc and force it to update.  I have added only 1 PC to the scope for testing purposes.  I force the test PC (also Windows 7 64bit domain member) to update the Group Policy but the changes do not update in the registry.

I have also tried with just test keys but nothing seems to be created on the test PC.

I also configured an AutoLogin ADM but still the same result... nothing on the Test PC.

No doubt I'm doing something stupid and will be stoked if someone can tell me what that something stupid is.
0
Comment
Question by:stormstar
  • 7
  • 2
9 Comments
 
LVL 5

Accepted Solution

by:
jhill777 earned 500 total points
ID: 35028036
Run the Group Policy Results Wizard, entering the computer name of the one PC you have in that OU where the GPO is applied.  Will probably be some errors in there.  We can start there.
0
 

Author Comment

by:stormstar
ID: 35031374
Thanks mate...

Sadly I'm pretty new to this so I only googled on how to do that.

From the Server, I opened a command Window and typed "gpresult /s T1011D29 (which is the PC name)
This came back saying "Getting the domain information ...ERROR:  An unexpected error occurred."

Any suggestions?

The remote machine is on etc...
0
 

Author Comment

by:stormstar
ID: 35031594
Hello again

Thanks for your help so far jhill777.  I think you've got me heading in the right direction.

After getting the error above, I ran the gpresult /R command straight from the T1011D29 machine.  Under the section "Applied Group Policy Objects" I did not see my new GPO "Rendernode AutoLogon".  It also was not listed in the GPOs that were filtered out etc.

Anyway...  First of all a stupid mistake (as I am new to this).  I hadn't gone into the AD and linked the GPO yet.  I did this and linked it to the "3D Department" which contains the group "Rendernodes" which contains the PC "T1011D29".  In GP then when I go to this GPO, now in the Links section I have 3D Department, and in the Security Filtering below that, I have the machine T1011D29 only.  That all seemed right to me...  Please correct me if I'm wrong.

Anyway...  I forced GP to update.  I ran gpupdate at the server and gpupdate /force on T1011D29 but still no changes to the registry.

Hopefully this new info may help us come to a solution.  Thanks again for your help.
0
 

Author Comment

by:stormstar
ID: 35031716
Sorry mate...  Another update.  I keep trying new things and just update you with what I find.

OK.  So I went to one of my Windows 7 boxes and using GPP created a new PO called TEST.  Basically I set it to create a junk key in the HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

Again no key was created...  BUT... when I ran gpresult /r, my new GPO was listed in the "GPO not applied as it was filtered out".

Could you tell me where I went wrong with that one?  It seems that one is a lot closer to working than the other so if I can get that working, I'll be happy and will create the AutoLogin reg keys that way.

Thanks again
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:stormstar
ID: 35031777
Under the "GPO not applies as it was filtered" section...  The new TEST GPO says Denied (Security).
0
 

Author Comment

by:stormstar
ID: 35032974
Just for further info.  I played around with the security stuff and was able to get it to say it was filtered as it was empty.  I then realised I was only looking at the "User" side of the policy.  I specified /SCOPE Computer and got access denied.  Added the user as local admin and could then access the Computer side.  It too got the same "Empty" result.

Copied the same TEST registry key to the User Configuration (as opposed to Computer Configuration) and the Key creates successfully.

Hope this helps.
0
 

Author Comment

by:stormstar
ID: 35041362
In the end I dragged the GPO up to the entire domain and it seemed to work fine after that.  I will assume it was conflicting with another GPO and some inheritance was screwing up or something.  Either way it's working great now.

jhill777 got me on the right track by getting me to use gpresult etc.  I am quite new to GP so I hadn't seen this before.  That in mind I am giving him half the points.

Thanks
0
 

Author Closing Comment

by:stormstar
ID: 35041364
In the end I dragged the GPO up to the entire domain and it seemed to work fine after that.  I will assume it was conflicting with another GPO and some inheritance was screwing up or something.  Either way it's working great now.

jhill777 got me on the right track by getting me to use gpresult etc.  I am quite new to GP so I hadn't seen this before.  That in mind I am giving him the points.

Thanks
0
 
LVL 5

Expert Comment

by:jhill777
ID: 35071279
Glad to hear you got it all figured out.  I was out of town and hadn't been able to get back in here until now.  Just a side not, if ever you think that one of your GPOs is being blocked by another, you can "Enforce" it which will change the order in which the GPOs are applied thus "forcing" it to be applied by right clicking the GPO and selecting "Enforced".
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Airport Extreme port open 24 135
Group Policies review 1 71
Cannot re-install OS X on a 2008 Mac desktop 17 119
2011 iMac won't automatically go into sleep mode 10 63
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now