Windows 2008 R2 Group Policy

I have some computers on the domain that, as a domain admin, I have no permissions to remote into or remotely restart. I have a group policy on those computers that allows certain people to be able to login locally, which I am part of, but I setup a policy to setup a security group to be part of the local Administrators group on the computers. I can only imagine that because I didn't include domain admins as part of the local Administrators group that I am not a local admin. Would that be true? Is there a way I can make a change to the group plicy and be able to force the Gpupdate on those computers? It appears I cannot because I don't have access. Just seems odd that a domain admin cannot force access remotey to his or her domain computers.
Greg27Asked:
Who is Participating?
 
andossCommented:
Group Policy should update automatically depending on your replication interval.
Do you know what this is set to?

Computer Config > Admin Templates > System > Group Policy > Group Policy refresh interval for computers.
We set ours to 45 minutes.
0
 
andossCommented:
Domain Admins should have local admin rights to all domain machines anyway.

Have you tried opening computer management remotely and checking the user group on one of the troublesome machines?

ie. right click my computer on your own machine > Manage
Right click computer management on the left hand side and choose connect to another computer.
enter the IP or hostname of another computer
0
 
Greg27Author Commented:
Yes, just includes Administrator and the security group I added through Group Policy. No Domain Admin. I decided to add Domain Admins to the GPO, but not sure how to update the policy on that computer since I can't access the computers.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Greg27Author Commented:
Hmmm... I didn't know that was there. I just set mine to 45 minutes, but there is also a randome time added. What did you set that to? Also, since that wasn't applied, is there any other way to force any new changes made to the GPO?
0
 
andossCommented:
We just have a 20 minute random time interval.

You can force a replication of GPO from one domain controller to another but you didn't mention a second domain controller in the remote site?

I think the refresh interval will just take effect after 45 minutes and hopefully your problem will be solved.
0
 
Greg27Author Commented:
Thanks andoss! It is updating the policy as time goes by. I really appreciate the help!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.