troubleshooting Question

User based GPO from foreign domain/forest not being applied. Should they be?

Avatar of JoeyBugeyes
JoeyBugeyesFlag for United States of America asked on
Active DirectoryMicrosoft Legacy OSMicrosoft Server OS
2 Comments1 Solution579 ViewsLast Modified:
Maybe someone can give me a jump start here.  This is regarding GPOs.

Due to a merger/aquisition we now have two forests that we're dealing with.  We are pre-AD migrated but need to get some interoperability in place right now.  We put a trust in place and now we have some users in the NEW company logging into their own domain, but the machine is on our domain.   Get it?  

So I would expect that when the machine boots up, it would get the GPOs from the domain it's a member of.  This works as expected.  No problem.

Now I would expect that when the user logs on, the user would get the user based GPO set from the domain where the User account lives, right?  Not the case.  The user is getting user based policies from the domain where the computer account lives.  

Someone told me that this is by design (loopback processing).  But is there a way to change this behavior if I want to?  And if I can, should I?  If this is the default, maybe there's good reason to keep it this way?

Thanks for listening,
Joey Bugeyes
ASKER CERTIFIED SOLUTION
TunerML
Technology Consultant

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros