Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Prints via Group Policy affecting All Computer

Posted on 2011-09-22
8
Medium Priority
?
375 Views
Last Modified: 2013-11-05
We are running Windows 2008R2 with SP1.  I setup a new group policy to install a printer to a set of lab computers and force that printer to be default.  All the lab computers are in their own separate OU in AD.  This was successfully applied.

The problem is that it applied to ALL computers in the entire AD (not just the OU I applied the group policy to) and forced that printer to be default.
0
Comment
Question by:edawlem
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36585294
Where did you apply this GPO (on which level)? It shoudl be linked only to that particular OU (or even subOU) not to domain.
You can always try to filter this GPO to only particular group of computers.

More about GPO filtering at
http://technet.microsoft.com/en-us/library/cc779291%28WS.10%29.aspx
http://www.windowsnetworking.com/articles_tutorials/group-policy-security-filtering.html

Regards,
Krzysztof
0
 
LVL 6

Expert Comment

by:Reubenwelsh
ID: 36585296
Hi, have you created any filter on the GPO you created? By default it will apply on all users. If the OUs you applied it to have real users in then it will apply on them as well.

Could you send a screenshot of how that GPO is applied?
0
 
LVL 9

Accepted Solution

by:
Lester_Clayton earned 1400 total points
ID: 36585311
Have you verified that the Scope Links are only set where you really want them to be set?

Are there Child OU's which are being affected?  GPO's flow down to all Children OU's by default.

Scope Links
If this doesn't help you, on one of the affected computers run from a command prompt and as an administrator, GPRESULT /V.  You may need to redirect that to a text file for easier reading.

At the top of the results, you will see "Applied Group Policy Objects", and it will list all the GPO's applied to the computer.  The following output will highlight what you need to look for.

GPRESULT /V
Finally, are you sure this is a Computer Policy and not a user policy - a user policy may affect machines which you don't want it to.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:edawlem
ID: 36585966
I see that I do have it applied to the OU in which the staff users reside as well.  That would be the cause...   But....   One of the printer policies that became active has been there for quite a while.  Is there an update that would have made these suddenly start working on XP computers?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36585985
Every 90 minutes clients refresh their Group Policies. If you wish to enforce them you need to run in command-line

gpupdate /force
or reboot machine

Krzysztof
0
 

Author Comment

by:edawlem
ID: 36585988
I understand that.  But the policy has been sitting there for months and has not applied itself until this last week.
0
 
LVL 6

Assisted Solution

by:Reubenwelsh
Reubenwelsh earned 600 total points
ID: 36586002
Are you a lone administrator? Could it be someone else has activated it? It wouldnt be the first time ive made gpo's someone else has been troubleshooting printers and through "heey i think ive found it, the gpo isn't active... lets try this!"

They dont just activate themself, the only thing i think of is you hadnt installed the patch that allows extended gpo's on Windows Xp untrill recently, before you install that patch Xp machines dont see the extended GPO's so they would just ignore them.

0
 

Author Comment

by:edawlem
ID: 36586092
I'm pretty much the lone admin on this network.  I have someone else that backs me up but he doesn't know how to work GPOs.  It's possible that the patch wasn't applied to systems until recently...  I'll have to look into that.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question