?
Solved

Group Policy Registry Wizard

Posted on 2014-01-17
5
Medium Priority
?
250 Views
Last Modified: 2015-06-23
I have been using the GP to push registry settings to my users. I have been entering each item individually. I now have a key with many folders and items and noticed there was a Registry Wizard in GP. I ran that and pointed to the computer that had the settings and I checked all the items I wanted. I did this for HKLM

I browsed afterwards and they seem to all be there. Even when I go to settings of that GP, I see all the keys populated correctly.

However, I don't see the items in the registry of the user computer.
Also if I run the GP Policy Wizard and choose that PC and that user, it shows all the keys but it shows as HKCU even though it was set as HKLM. But when I check under HKCU of that machine it is not there either. I have not used the Registry Wizard in GP before but it seemed simple enough.

If anyone has any inside in what might have gone wrong, it would be greatly appreciated.

Thanks,
0
Comment
Question by:swenger7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 17

Expert Comment

by:Tony Massa
ID: 39789754
I tried this on Win7 and Win8 clients (both 64-bit) from a test domain controller (2012).  After several reboots/logoff-logon attempts, the Win7 client got the registry settings for both HKCU and HKLM.

On the Win8 PC, my user settings (HKCU) did apply to my test user account, but the computer settings (HKLM) have not applied.  GroupPolicy/Operational log looks clean for both, so I'm not sure why it's being so flaky.

I also tried without using the wizard and HKLM\Software registry entries didn't apply on "update" or "create", initially, but eventually, the Win7 computer got all of them that were both set for "update" and "create".

These are the only 3 systems in my "lab", so there isn't any issue with connectivity, so I'm a little skeptical of the GPP registry pushes.  It seems odd as I've almost never had an issue with a GPO doing this sort of thing with a custom ADM in the past.  You may just have to be a little more patient with it and let the clients "naturally" get the policies through reboot(s)/background refresh.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39791216
What version of client OS you are trying to install registry ?

For windows XP, you must 1st deploy CSE on windows XP to support GP preferences
http://www.microsoft.com/en-in/download/details.aspx?id=3628

You can use GP preferences to deploy GPO to users \ computers

Let me know GPO need to be created for some users and there specific computers only or for all users in domain ?

If it is required for all users in domain, then you can use below approach.
You need to apply GPO on OU containing computers
There you need to create new GPO and in User Configuration \ GP Preference add required registry entry with update mode
Then you need enable Loopback processing mode in replace mode under Computer config\administrative templates\system in same GPO
The above setting will ensure that GPO will apply to all users who logged on those Computers in OU.

Now just run gpupdate /force on DC and client computers and once reboot client computer and check if Policy is getting applied or not as expected

Also run gpresult /h <html file path> to check if GPO is applied or not
Also run rsop.msc on client computer and check if it is showing  there

If GPO need to be applied on few users, then you can apply above GPO to OU containing users, you may use security filtering for applying GPO to specific users (by adding them in a groups and those groups need to be replaced with authenticated users on security filtering of GPO so that GPO will apply to only those users.
Also in that case GPO loop back processing enablement is not required in that case

Mahesh
0
 

Accepted Solution

by:
swenger7 earned 0 total points
ID: 39827103
In the same GPO, I have the registry wizard pushed as well as some other specific registry keys. The specific keys are pushed. Just not the wizard keys. In any case I just manually entered each key that the wizard would have pushed individually in the GPO and that worked. It was more work for me but did the job.
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40845858
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question