Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Software restriction policy whitelist - how do i include domain logon scripts? Getting gpupdate error

Posted on 2013-10-23
6
Medium Priority
?
978 Views
Last Modified: 2013-11-03
I may have gotten myself in a bit of a pickle. I did the GPO and let it update the machines, now when i try to gpudpate i get an error on some of the PC's. A resultant set of policy shows that they do not trust the logon script location (\\domain.com\sysvol\). I added that after, but now I am trying to gpupdate again and it still isnt getting the new gpo. How do I fix this? I have put it in allowed to:

%LogonServer%\SysVol\*
\\domain.com\SysVol\*

Is this correct? Is there a way to update the machines that do not have this information, if they currently are disallowed to run things from there?
0
Comment
Question by:j_crow1
  • 4
  • 2
6 Comments
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39594819
0
 

Author Comment

by:j_crow1
ID: 39594856
My logon scipt is done through GPO - it just adds network drives.
0
 

Author Comment

by:j_crow1
ID: 39594987
And the netlogon share is already unrestricted.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39595437
Can you post the screenshot of your policy applied
0
 

Accepted Solution

by:
j_crow1 earned 0 total points
ID: 39608891
I figured it out; the computers needed to be rebooted. After a fresh reboot after the new SRP policy, everything started working fine.
0
 

Author Closing Comment

by:j_crow1
ID: 39619681
After SRP implementation, computers need to be rebooted.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question