Group policy issue

Im installing an application called Device Lock on my 2003 test domain.  Its used to block USB/CD rom acess, etc. All the configuration is done through group policy. I've created a new GPO at for the computers OU and ticked 'over ride' in options. I've GP forced on the server and the domain but the policy is not being picked up the workstation. Can someone assist please?

Cheers.
Kimba123Asked:
Who is Participating?
 
Leon FesterSenior Solutions ArchitectCommented:
No other polices have been applied and this one is aimed at a computers container with AD. The machine is XP and there is only one DC. No other replication issues appear as far as I know...

Group Policies cannot be applied to containers.
So make sure that you've created an OU and not a container.

Run gpresult /h results.html, and check which GPO's are being blocked/allowed on the result.html file
Under "User Configuration Summary -> General -> Group Policy Objects", you should see two sections: "Applied GPO's" and "Denied GPO's"
0
 
kiwistagCommented:
Is the GPO at Group Level? Do you have inheritance on your OU's?
How many Domain Controllers do you have and if more than one is there any issues with File Replication between them? We have had issues in the past where very old GPO's & even login scripts wern't replicating to one server and for some reason it was mistakenly seen as the PDC/FSMO
0
 
Nagendra Pratap SinghDesktop Applications SpecialistCommented:
Is the workstation XP or something else?
0
Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

 
Kimba123Author Commented:
No other polices have been applied and this one is aimed at a computers container with AD. The machine is XP and there is only one DC. No other replication issues appear as far as I know...

I tried to deploy the MSI (for the service to be installed on the client)through the software deployment option within GP, aimed my computers container (not the default container) but this also did not install.
0
 
kiwistagCommented:
Although old school, have a nosey at TweakUI also.
0
 
Kimba123Author Commented:
Kiwistag, thanks for the reply but I do not want to install any third party apps on my server. Can anyone respond to my previous post?

As I said I attempted to deploy the MSI through GP but this did not work. Is there any way to check my group policy is actually working on the selcted OU in question?

GPRESULT on the client returns the following: 'The user does not have RSOP data'

GPRESULT on the server returns results as expected.

When I run rsop.msc on the client, I get the following error
RSoP data is invalid. Likely causes are, data is corrupt, data has been deleted or data has never been created.
Datails: Invalid namespace
0
 
Mike KlineCommented:
What errors are you seeing in your event logs?   Have you tried running an RSoP report from GPMC?  

Thanks

Mike
0
 
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
U need to enable the setting " always wait for network".

This setting is under computer configuration, network, log on.
0
 
btanExec ConsultantCommented:
From this they found dns is not probably set...they also did the gpupdate /force
http://www.petri.co.il/forums/showthread.php?t=17536
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.