asked on

GPO: Windows 2008 R2 Local Admin group

Hi All,

I setup a Group Policy around 12 months ago to an AD Group to the local Admins group. I attached it to our server OU and checked it was working (on a 2003 server).

Recently I noticed it's not applying to any of the 2008 servers.

I followed this guide to the letter

http://www.youtube.com/watch?v=2S8pkW1fZxs

Any ideas?
D

Mahesh

Not sure why do you require restricted groups GPO on servers ?
Check group policy settings if its applied to authenticated users in security filtering in GPMC?

Run rsop.msc on affected servers and check if GPO is showing there in rsop output as applied?

If its showing as applied,then you must reboot 2008 servers once in order to apply GPO

Please reboot 2008 servers once to test if it's working and also check event viewer on those servers for any errors

Mahesh

Will Szymkowski

I beleive you are referring to Restricted Groups? If so Restricted Groups are compatible with 2003 and 2008. On your 2008 server run rsop.msc and check computer and user configuration properties and make sure that the policies are actually being applied.

Restricted Groups

Will.

detox1978

ASKER

Yes it's restricted groups.

The policy is not showing as being filtered when I run GPRESULT /R

However the setting does not appear in RSOP.msc

Will Szymkowski

It is filtering out probably due to Security Filtering. Can you check the security filtering and make sure that it is set accordingly.

Will.

detox1978

ASKER

It has the same access as the Default Domain Policy. It also applies successfully to Windows 2003 Servers