?
Solved

GPO not applying to workstation but applying to servers

Posted on 2012-08-17
23
Medium Priority
?
550 Views
Last Modified: 2012-09-10
I'm having issues with GPO's not applying to users. I have a GPO that is applied to our server team that maps drives for them. I can't figure out why the policy applies to the server when I log in but doesnt apply when I log into my workstation. The policy works when I put it in the root of the domain but not in the admin users OU that I have created and I cant seem to figure it out. I read that it might be a DNS issue (shocked to see). I moved my workstation to the server VLAN and still wasn't able to get the policy to apply. I am not sure what it would be on the workstation that would be different then the server. This is happening to more then one of our GPOs, I'm just trying to fix one at a time. Any one have ideas on this or seen it before?
0
Comment
Question by:MNovitsch1
  • 13
  • 4
  • 2
  • +3
23 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38305135
Are you using the drive maps settings under preferences (user configuration) to map the drives?   If you are then you have to make sure your user account is in the OU when you test.

Thanks

Mike
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38305166
It sounds like a computer vs. user setting.  Have you made sure that you've set user preferences and not computer preferences?
0
 
LVL 10

Expert Comment

by:chubby_informer
ID: 38305180
check your OU and see if its correct
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:MNovitsch1
ID: 38305311
The drive mapping are in preferences > Windows Settings > Drive Maps under User Configuration. I just dont get how it can work on my server but not work on the workstation. The GPO is under the Users and Groups  OU that I have created.
0
 

Author Comment

by:MNovitsch1
ID: 38305371
I ran the test using the group policy modeling tool and it comes back saying it is successful.
0
 

Author Comment

by:MNovitsch1
ID: 38305405
The GPO works if I place it under the root of the domain, could it be something with the workstation accounts dont have the same access as the server accounts?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38305416
Perhaps... but it could be cause there is another policy taking precedence over it.  For the policy in question, do you have it "Enforced"?
0
 

Author Comment

by:MNovitsch1
ID: 38305419
I didnt before, I tried a this morning without any luck.
0
 

Author Comment

by:MNovitsch1
ID: 38305449
Here is what the OU structure looks like and the policy
Hope this helps a little
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38305450
It works at the domain because it is applying to all users.  Link it to the OU where your user account is and try it out.

Thanks

Mike
0
 

Author Comment

by:MNovitsch1
ID: 38305471
My account is under the privileged users OU which is where the  admin configuration GPO is located and it doesnt work under the workstation, but still works under the server.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38305523
Perhaps... but it could be cause there is another policy taking precedence over it.  For the policy in question, do you have it "Enforced"?

I didnt before, I tried a this morning without any luck.

If this is truly the case and you did Enforce it and it still didn't work then that leads me down the path of believing that it/you/OU/something is in the wrong location in AD/OUs.
0
 

Author Comment

by:MNovitsch1
ID: 38305747
That is what I have been trying to figure out and why I posted the question.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38305757
Ignore this comment, answered my own question.
0
 

Author Comment

by:MNovitsch1
ID: 38306066
I created a new OU called admins, I put my account in there made a new GPO called AdminSettings and used a VBScript to map the drives and still the workstation doesn't see it.
0
 

Author Comment

by:MNovitsch1
ID: 38306129
Alright I got it to work just not the way i want it to. I put the script under the workstation OU and it seems to work. Its almost as if my OU structure is some how corrupt but I dont know where to begin on how to fix that.
0
 
LVL 16

Expert Comment

by:cantoris
ID: 38311323
If a *user* setting is being applied based on where the *computer* account is then that sounds as though you have Group Policy's Loopback Processing enabled in a GPO applied to your computer.
0
 
LVL 16

Expert Comment

by:ThinkPaper
ID: 38312066
I think there's some confusion here. Are you using the SAME account to log on to the server and the workstation or are you using 2 different accounts? And where are these account(s) located? Same OU? Different OU?

You should not be worrying about applying the policy to any computer but only the user accounts.
0
 

Author Comment

by:MNovitsch1
ID: 38313191
The account is mine, I use the same account to log into the server as the workstation. On the server everything works, on the workstation it doesnt see any GPOs under the users and group ou (which my account is under).
0
 
LVL 16

Expert Comment

by:cantoris
ID: 38313379
Use Resultant Set of Policy to see if you have got the Loopback Policy mode applied to that Workstation's account.
0
 

Author Comment

by:MNovitsch1
ID: 38341279
I have checked RSOP, there are no loopback processing being done. I went through and disabled all the loopback processing that I before I made this post without luck.
0
 

Accepted Solution

by:
MNovitsch1 earned 0 total points
ID: 38369505
I am just going to use the Workstation OU since it seems to work that way even though I know its not right. This domain will be gone in 6 months anyways since our company is going through a merger.
0
 

Author Closing Comment

by:MNovitsch1
ID: 38382361
I am just going to use the Workstation OU since it seems to work that way even though I know its not right. This domain will be gone in 6 months anyways since our company is going through a merger.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question