Why does windows group computer policy run every logon
I am trying to understand policy application for our windows 2008 r2 AD .
Why does the a computer policy run every time at startup when nothing changes in that policy? The default policy has password item, and a default banner item, that doesnt change. Yet it takes a full minute to process it everytime someone logs in.
Wouldn't it be more efficient if it didn't apply at startup if it didnt change , that would save all kinds of time. Is there a way to do this?
2) Does your computer have to read every policy even if nothing is configured, How do I make it so it doesn't read my local policy. Won't this save time.
3)When you apply a group policy, does your workstation retain that policy even if logged off the network. For example will my laptop retain those settings?
Why does the a computer policy run every time at startup when nothing changes in that policy? The default policy has password item, and a default banner item, that doesnt change. Yet it takes a full minute to process it everytime someone logs in.
Wouldn't it be more efficient if it didn't apply at startup if it didnt change , that would save all kinds of time. Is there a way to do this?
2) Does your computer have to read every policy even if nothing is configured, How do I make it so it doesn't read my local policy. Won't this save time.
3)When you apply a group policy, does your workstation retain that policy even if logged off the network. For example will my laptop retain those settings?
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Hi.
1+2) First, you should make clear how you measured that minute it obviously takes. Did you enable GPO logging and you evaluated some log (which, how?)? Or did it just take a minute from password+[enter] to the desktop?
Fact is, by default policies will not process if they haven't changed and we will find out why that's not the case with you.
3)Yes, the settings will retain even when offline.
1+2) First, you should make clear how you measured that minute it obviously takes. Did you enable GPO logging and you evaluated some log (which, how?)? Or did it just take a minute from password+[enter] to the desktop?
Fact is, by default policies will not process if they haven't changed and we will find out why that's not the case with you.
3)Yes, the settings will retain even when offline.
I believe its a minute to run the computer portion of all the policies, because I ran gpresult. When I read the applied time of the computer settings was 1 minute less than the applied time of the user settings.
Default policy was the only thing the computer section ran, and I did change not the default policy.
This occured when I restart computer.
Default policy was the only thing the computer section ran, and I did change not the default policy.
This occured when I restart computer.
What exact info of gpresult shows a minute difference? Anyway, that is no way to judge the situation. You should disable all policies (user- and computer-) and restart your computer to see if it's faster, then.
Please refer to these links.
http://www.youtube.com/watch?v=nmc-saJC6jA
http://www.windowsitpro.com/article/windows-server-20082/new-active-directory-features-in-windows-server-2008-r2
Second for the question you asked you can find the answer on ask-leo.com
http://ask-leo.com/windows.html
Hope it works for you.
http://www.youtube.com/watch?v=nmc-saJC6jA
http://www.windowsitpro.com/article/windows-server-20082/new-active-directory-features-in-windows-server-2008-r2
Second for the question you asked you can find the answer on ask-leo.com
http://ask-leo.com/windows.html
Hope it works for you.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial