Group Policy applies User settings but not Computer settings.
Posted on 2012-03-11
I am setting up a new Windows Server 2008 R2 with a test environment of a Windows 7 PC and a Windows XP PC. I have created Users and Groups and defined several GPOs for different Groups, where generally each set of Users in a Group have been placed in their own OU, and the test PCs are in separate sub-OUs for each Operating System (Win7 and WinXP) beneath an OU for Computers.
When testing various GPOs I find that settings for both Users and Computers work for the Users on WinXP PCs, but only for Users on Win7 PCs. I have run RSoP on the test Win7 PC when logged in as different Users, and on each occassion a message saying "access denied" for the computer settings in the GPO, and "no data collected" in the results.
I cannot see any relevant Events in the Event Logs that would help. I have disabled UAC on the Windows 7 test PC, but no change.
What access permissions are not applied so that the GPO's Computer settings work?