Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 493
  • Last Modified:

gpo not appied

I am unable to apply a gpo that is using a certificate to my default domain pollicy.
I am attaching gpresults and a couple of print screens that show the gpo and scope.
the problem is the default domain polilcy is not being applied to domain users. I have installed the certificate on the dc's but the default domain policy doesn't get applied to them.

1 Solution
I think you are looking at this the wrong way.
You have applied the GPO to a Computer Configuration so this is never going to affect a user login it will affect the computer.
You will need to add the computers that you want this applied to in the Security Filtering.
Also the GPO likely won't take affect until a reboot of the client pc.
Is the "Enforced" option ticked on the default domain policy? This will avoid any inheritance blocking or setting overrides farther down the policy hierarchy. If you do an RSOP on one of the client OU's, do you see the setting applied there?
try applying the policy to "Domain Computers" Security Group and enforce the rule. if for some reasons you do not want to enforce it, create a new domain level GPO and set it with the same settings
jim3725Author Commented:
After I applied this policy to all my  terminal servers locally then the users who were logging into terminal server received the certificate. I also applied it to all my dc's and then all my pc's received the cert as well.
thanks for your assistance.
jim3725Author Commented:
Since gpo for cerficiate was applied on computers then it had to be installed locally for anyone logging into these computers.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now