My DC is a Windows 2003 R2 server. The previous administrator setup very basic group policies for most users. 2 Days ago I went into a group policy assigned to every computer on the domain and configured SNMP and used the GPUdate /force command from the server to force the update. I now have 1 Windows 7 user that now can not make any changes to any setting on their local PC when logging into the domain. The user can not add/remove apps, add hardware, or even view his device manager. He tried attaching an external USB hard drive and a window popped up saying he was a standard user and needed Admin rights to make the change. I am stumped. I have removed the group policies from all OU's in Group Policy Management then forced the update and still he cant make any changes to his local machine. Where else could such a policy be in place? I even went as far as to add the user to the Domain Admins group and the Administrators group on the server and still his local pc is locked down.