gpo not appied

Posted on 2011-04-27
Last Modified: 2013-12-04
I am unable to apply a gpo that is using a certificate to my default domain pollicy.
I am attaching gpresults and a couple of print screens that show the gpo and scope.
the problem is the default domain polilcy is not being applied to domain users. I have installed the certificate on the dc's but the default domain policy doesn't get applied to them.

Question by:jim3725
    LVL 5

    Accepted Solution

    I think you are looking at this the wrong way.
    You have applied the GPO to a Computer Configuration so this is never going to affect a user login it will affect the computer.
    You will need to add the computers that you want this applied to in the Security Filtering.
    Also the GPO likely won't take affect until a reboot of the client pc.
    LVL 9

    Expert Comment

    Is the "Enforced" option ticked on the default domain policy? This will avoid any inheritance blocking or setting overrides farther down the policy hierarchy. If you do an RSOP on one of the client OU's, do you see the setting applied there?

    Expert Comment

    try applying the policy to "Domain Computers" Security Group and enforce the rule. if for some reasons you do not want to enforce it, create a new domain level GPO and set it with the same settings

    Author Closing Comment

    After I applied this policy to all my  terminal servers locally then the users who were logging into terminal server received the certificate. I also applied it to all my dc's and then all my pc's received the cert as well.
    thanks for your assistance.

    Author Comment

    Since gpo for cerficiate was applied on computers then it had to be installed locally for anyone logging into these computers.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Article by: btan
    The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
    Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
    This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
    This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now