Offline Files GPO

If the UAC is on, I think Win7 requires admin rights to make that change. Have you logged on to those Win7 workstations with administrative rights and tried to disable Offline Files?

Yes. UAC is off and although it is dangerous I make all users administrators of their computers. When I go in to Sync Center and Manage Offline Files it tell me offline files are enabled but the button to disable them is greyed out.

Now it get even weirder. I looked as a XP workstation on the domain. Same set of GPOs and offline files are not enabled and everything is greyed out. It is almost like the Windows 7 stations aren't effected by the GPO yet the XP workstations are.

Did you upgrade your domain group policies to Windows 7 (admx)?

OOPs - your OP says you've upgraded to server 2012, which would mean that the GPO version is up to date.  Try running the group policy results tool on one of the Windows 7 workstations.  This will tell you if the policy is being applied or not, and if not will give you some indication of the reason.

I was trying to find that utility the other day. Do you know where I can get my hands on it?

You can run it from the command line on any workstation by typing gpresult.  If you're a bit lazy and GUI-dependent like me, on the server, open the group policy management console.  When you expand the Forest object, at the bottom of the list you should see Group Policy Results. Right-click on that and start the results wizard. This allows you to pick any workstation or server and user combination on the domain to test your group policy effectiveness. When the report has been generated, click on the Summary tab to see an overview, or the Settings tab to see the detailed report. You can also save and/or print the report from the console.

I am missing something. Attached it the gpresult from the one Windows 7 workstation. It looks like the Default Policy is in effect. I see a lot of things I set within it but I don't see the offline files settings in the Default Domain Policy. What am I missing?
results.txt

I just ran the gpresult on the XP workstation where offline files is disabled. I don't see the offline file settings under administrative templates either. It is attached.
XPresult.txt

These are the settings that are being controlled by your group policy:

GPO: Default Domain Policy
                KeyName:     Software\Policies\Microsoft\Windows\NetCache\Enabled
                Value:       0, 0, 0, 0
                State:       Enabled

            GPO: Default Domain Policy
                KeyName:     Software\Policies\Microsoft\Windows\NetCache\SyncAtLogon
                Value:       0, 0, 0, 0
                State:       Enabled

 GPO: Default Domain Policy
                KeyName:     Software\Policies\Microsoft\Windows\NetCache\SyncAtLogoff
                Value:       0, 0, 0, 0
                State:       Enabled

Those are the offline files entries in the registry.  Look in your default domain policy for the following settings:

Computer Configuration/Policies/Administrative Templates/Network/Offline files:

Allow or Disallow use of Offline Files Feature
Synchronize all offline files when logging off
Synchronize all offline files when logging on

Also there are other settings in that part of group policy that you can look at an use if necessary to control the operation of offline files.

That is what is throwing me. I figured out that NetCache is Offline files but looking through the results they don't give you any detail on which netcache options they are. There are about 6 offline files options set. The ones you mention above:

Allow or Disallow use of Offline Files Feature
Synchronize all offline files when logging off
Synchronize all offline files when logging on

Are configured. Allow/Disallow is disables and sync at logoff and logon are disabled along with about 4 other offline files options. Why doesn't gpresult reflect those? or does it? Those result logs have 5 or 6 netcache entries. They just don't specify what they are in detail.

It looks like you ran gpresult from the workstation.  You get a different viewpoint if you run it from the GPMC.  The GPMC will show you which group policies themselves (rather than the reg entries) are being applied successfully or unsuccessfully.  It looks to me like the reg entries show that offline files are enabled, and sync at logon and logoff are also enabled, on the Win7 machine that you tested.  So, given the group policy settings you're saying you see in the default domain policy, something in the application of your group policy settings is definitely not working, or some other policy is interfering.

Let's start with running the group policy results tool from the GPMC on the server and post the resulting report.

The GPMC method is much more "readable". It does show that the Offline Files are disabled along with some other offline file settings that I have been told I need to set to disable offline files on Windows 7. The GPMC result is attached.

   It is almost as if on XP all you have to do is Disable or Enable the user of Offline Files where Windows 7 required that and about 6-7 addition settings including disabling the cscservice.

   I am curious... at the top of this report I see a warning {10831910-5A33-47E2-8321-87711B577337} Computer Configuration Disabled,Enforced

What does that signify?
HEALTH-04.htm

You need to look in your sysvol on the DC. There may be an existing group policy object with the GUID that is shown at the top of your report. This may be the remnant of some old group policy that existed in the 2003 domain.  Is there any object in your GPMC named "Classic Administrative Templates (ADM)" or any other active policy other than the default domain one?  Or this may just be some sort of orphaned object.

There is a policy in the sysvol with that GUID. I don't see anything by the name "Classic" in GPMC. I only have 5 total objects:

Default Domain Controller Policy
Default Domain Policy
Enable Offline Files
Local Printers
Redirection to GovCtrDC

I do still have two 2003 Domain Controllers. Soon to be only one.

OH - forgot to say that you want to look at the GPO Status; this will tell you if everything is Enabled or if part of the GPO - user config or computer config - is disabled.

Thanks for all your help on this hypercat. That particular GPO was put in long ago but the copier people to install their page count software. I had forgotten all about it but I don't think the computer configuration should have been disabled. I think I am OK. Disabling offline files seems to be different between XP and Windows 7. Windows 7 needs the extra step of disabling the offline files service. Once I did that in the GPO the offline files did disable.

Great - glad to be of help!