• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 541
  • Last Modified:

Login banner not working

I cannot get the logon banner to appear when users log into the network (Windws 2003 Server Active Directory).  I've defined the Interactive login message texts and title for the default domain policy in Group Policy Management.  I then ran GPUPDATE.  However, the banner still will not appear on any workstations when the user logs in.  Am I missing something?  Thanks!
0
markrkelley123
Asked:
markrkelley123
  • 11
  • 9
1 Solution
 
lloydclintonCommented:
Whats OS?  Did you do gpupdate/force on the client machine?  Default update time for GP is 90 minutes..
0
 
markrkelley123Author Commented:
I appreciate the quick response.  Yes, I applied the /FORCE switch.  And this was about 5 hours ago.
0
 
markrkelley123Author Commented:
Regarding what OS, all the client machines are either Windows 7 Professional or XP Professional.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
lloydclintonCommented:
Windows XP?  Have you checked your event viewer to make sure there hasn't been any problems with your active directory updating?
0
 
markrkelley123Author Commented:
Nothing in the Event Viewer that relates to this.
0
 
lloydclintonCommented:
You did it like this?:

Open the GPO… expand ‘Windows Settings’, ‘Security Settings’, ‘Local Policies’, ‘Security Options’.

“Interactive Logon: Message title for users attempting to log on”.
(Place your message into this policy.)

“Interactive Logon: Message text for users attempting to log on”
(use something like “System Use Notice” for the title of the message box .)
0
 
markrkelley123Author Commented:
Exactly like that!
0
 
markrkelley123Author Commented:
In fact, when it generates the report under Settings for the Default Domain Policy my banner text and title are listed there.
0
 
lloydclintonCommented:
Are other settings in your default policy working properly?
0
 
lloydclintonCommented:
Also, do you have a PC that you can remove from the domain, delete the computer account from AD and rejoin it?
0
 
markrkelley123Author Commented:
As far as I can tell, all the other settings are working properly, although this is pretty much a vanilla setup and nothing too sophisticated exists (i.e. password lengths, etc.)  If this was the case, what would cause the GP to not work?

I was working on a separate problem earlier where I had to remove/add a PC from AD.  The banner never appeared as well.
0
 
lloydclintonCommented:
How many dcs are in your domain?  are they all 2k3?  Does 1 dc hold all roles?
0
 
markrkelley123Author Commented:
Only one DC and it's 2k3.  And yes, the PDC holds all the roles except for DHCP.

BTW, when you right-click on a policy (there are three: Administrator GPO, Default Domain Policy, and Non Administrator) what does "Enforced" mean/does?
0
 
lloydclintonCommented:
When it is enforced it can not be over ruled by other policy.
0
 
lloydclintonCommented:
Can you set another policy such as the default screensaver and then make it so the users can't change it... force it and see if it takes... if it doesn't there may possibly be a problem with AD... do you have the means to install a 2nd DC?  Also are there *any* errors in the event viewer?
0
 
markrkelley123Author Commented:
Hi lloydclinton,

Just returned from traveling.  Will try your suggestions today.  Thanks!
0
 
markrkelley123Author Commented:
The latest:  Any other policy changes that I make to the Default Domain Policy do NOT take affect (i.e. Do not require CTL-ALT-DELETE, screensavers, etc.).

However, they DO take affect at the Domain Controller (fileserver) when I log in as a user or administrator.

There are NO errors reported in the Event Viewer.

Furthermore, I ran regedit and the Interactive Login text and title DO appear in:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\system

I'm pretty stumped at this point....
0
 
markrkelley123Author Commented:
To fix this problem, I ended up deleting all the existing policies (with the exception of the Default Domain Policy) and recreated them from scratch.  That seemed to work.
0
 
lloydclintonCommented:
I am glad you found a solution to the problem.
0
 
markrkelley123Author Commented:
Didn't really find answer to question.  Just had to start over.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

  • 11
  • 9
Tackle projects and never again get stuck behind a technical roadblock.
Join Now