Prints via Group Policy affecting All Computer

We are running Windows 2008R2 with SP1.  I setup a new group policy to install a printer to a set of lab computers and force that printer to be default.  All the lab computers are in their own separate OU in AD.  This was successfully applied.

The problem is that it applied to ALL computers in the entire AD (not just the OU I applied the group policy to) and forced that printer to be default.
Who is Participating?
Lester_ClaytonConnect With a Mentor Commented:
Have you verified that the Scope Links are only set where you really want them to be set?

Are there Child OU's which are being affected?  GPO's flow down to all Children OU's by default.

Scope Links
If this doesn't help you, on one of the affected computers run from a command prompt and as an administrator, GPRESULT /V.  You may need to redirect that to a text file for easier reading.

At the top of the results, you will see "Applied Group Policy Objects", and it will list all the GPO's applied to the computer.  The following output will highlight what you need to look for.

Finally, are you sure this is a Computer Policy and not a user policy - a user policy may affect machines which you don't want it to.
Krzysztof PytkoSenior Active Directory EngineerCommented:
Where did you apply this GPO (on which level)? It shoudl be linked only to that particular OU (or even subOU) not to domain.
You can always try to filter this GPO to only particular group of computers.

More about GPO filtering at

Hi, have you created any filter on the GPO you created? By default it will apply on all users. If the OUs you applied it to have real users in then it will apply on them as well.

Could you send a screenshot of how that GPO is applied?
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

edawlemAuthor Commented:
I see that I do have it applied to the OU in which the staff users reside as well.  That would be the cause...   But....   One of the printer policies that became active has been there for quite a while.  Is there an update that would have made these suddenly start working on XP computers?
Krzysztof PytkoSenior Active Directory EngineerCommented:
Every 90 minutes clients refresh their Group Policies. If you wish to enforce them you need to run in command-line

gpupdate /force
or reboot machine

edawlemAuthor Commented:
I understand that.  But the policy has been sitting there for months and has not applied itself until this last week.
ReubenwelshConnect With a Mentor Commented:
Are you a lone administrator? Could it be someone else has activated it? It wouldnt be the first time ive made gpo's someone else has been troubleshooting printers and through "heey i think ive found it, the gpo isn't active... lets try this!"

They dont just activate themself, the only thing i think of is you hadnt installed the patch that allows extended gpo's on Windows Xp untrill recently, before you install that patch Xp machines dont see the extended GPO's so they would just ignore them.

edawlemAuthor Commented:
I'm pretty much the lone admin on this network.  I have someone else that backs me up but he doesn't know how to work GPOs.  It's possible that the patch wasn't applied to systems until recently...  I'll have to look into that.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.