Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SYSVOL Permissions Issue On 2012 Datacenter

Posted on 2013-01-18
2
Medium Priority
?
4,345 Views
Last Modified: 2013-01-22
Hi Experts

We have just upgraded our Active Directory Servers to 2012 Datacenter, AD, DNS & DHCP are working fine, but we are having some issues with Group Policy as follows:

We have a GPO that redirects the users doccuments and desktop to a network share but it isnt working, when I run GPRESULT /R it show that that policy has been applied, but when saving a file to the desktop it saves it on the C:
All our Users are running Win7 Enterprise

The second issue is when we change a GPO, and view the "Status" we get the following message:

The SYSVOL permissions for one or more GPOs on this domain controller are not in sync with the permissions for the GPOs on the baseline domain controller.

Any help is greatly appreciated

Thanks

Jon
0
Comment
Question by:Jon C
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 5

Accepted Solution

by:
Coffinated earned 2000 total points
ID: 38795489
Hi,

check to sysvol permission and reset it if needed

They follow a standard NTFS permissions of the SYSVOL folder:
% SystemRoot% \ Windows \ Sysvol

Clear the Allow inheritable permissions from parent to propagate to this object check box
Administrators: Full Control
Authenticated Users: Read, Read & Execute, List Folder Contents and
Creator Owner: Nothing selected
Server Operators: Read, Read & Execute, List Folder Contents and
System: Full Control
% SystemRoot% \ Windows \ Sysvol \ Sysvol

Clear the Allow inheritable permissions from parent to propagate to this object check box
% SystemRoot% \ Winnt \ Sysvol \ Sysvol \ domain

Clear the Allow inheritable permissions from parent to propagate to this object check box
% SystemRoot% \ Winnt \ Sysvol \ Sysvol \ domain \ Policies

Clear the Allow inheritable permissions from parent to propagate to this object check box
Administrators: Full Control
Authenticated Users: Read, Read & Execute, List Folder Contents and
Creator Owner: Nothing selected
Group Policy Creator Owners: Read, Read & Execute, List Folder Contents, Modify, and Write
Server Operators: Read, Read & Execute, List Folder Contents and
System: Full Control
For each file or folder that is located in the% SystemRoot% \ Winnt \ Sysvol \ Sysvol \ domain \ Policies

Check the Allow inheritable permissions from parent to propagate to this object check box
Sysvol share permissions:

Administrators: Full Control
Authenticated Users: Full Control
Everyone: Read


As far as the redirection can you tell me how you redirected it? There may be a syntax error.
0
 

Author Closing Comment

by:Jon C
ID: 38806328
That sorted it, many thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question