[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Group Policy Registry Wizard

Posted on 2014-01-17
5
Medium Priority
?
405 Views
Last Modified: 2015-06-23
I have been using the GP to push registry settings to my users. I have been entering each item individually. I now have a key with many folders and items and noticed there was a Registry Wizard in GP. I ran that and pointed to the computer that had the settings and I checked all the items I wanted. I did this for HKLM

I browsed afterwards and they seem to all be there. Even when I go to settings of that GP, I see all the keys populated correctly.

However, I don't see the items in the registry of the user computer.
Also if I run the GP Policy Wizard and choose that PC and that user, it shows all the keys but it shows as HKCU even though it was set as HKLM. But when I check under HKCU of that machine it is not there either. I have not used the Registry Wizard in GP before but it seemed simple enough.

If anyone has any inside in what might have gone wrong, it would be greatly appreciated.

Thanks,
0
Comment
Question by:swenger7
4 Comments
 
LVL 17

Expert Comment

by:Tony Massa
ID: 39789754
I tried this on Win7 and Win8 clients (both 64-bit) from a test domain controller (2012).  After several reboots/logoff-logon attempts, the Win7 client got the registry settings for both HKCU and HKLM.

On the Win8 PC, my user settings (HKCU) did apply to my test user account, but the computer settings (HKLM) have not applied.  GroupPolicy/Operational log looks clean for both, so I'm not sure why it's being so flaky.

I also tried without using the wizard and HKLM\Software registry entries didn't apply on "update" or "create", initially, but eventually, the Win7 computer got all of them that were both set for "update" and "create".

These are the only 3 systems in my "lab", so there isn't any issue with connectivity, so I'm a little skeptical of the GPP registry pushes.  It seems odd as I've almost never had an issue with a GPO doing this sort of thing with a custom ADM in the past.  You may just have to be a little more patient with it and let the clients "naturally" get the policies through reboot(s)/background refresh.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39791216
What version of client OS you are trying to install registry ?

For windows XP, you must 1st deploy CSE on windows XP to support GP preferences
http://www.microsoft.com/en-in/download/details.aspx?id=3628

You can use GP preferences to deploy GPO to users \ computers

Let me know GPO need to be created for some users and there specific computers only or for all users in domain ?

If it is required for all users in domain, then you can use below approach.
You need to apply GPO on OU containing computers
There you need to create new GPO and in User Configuration \ GP Preference add required registry entry with update mode
Then you need enable Loopback processing mode in replace mode under Computer config\administrative templates\system in same GPO
The above setting will ensure that GPO will apply to all users who logged on those Computers in OU.

Now just run gpupdate /force on DC and client computers and once reboot client computer and check if Policy is getting applied or not as expected

Also run gpresult /h <html file path> to check if GPO is applied or not
Also run rsop.msc on client computer and check if it is showing  there

If GPO need to be applied on few users, then you can apply above GPO to OU containing users, you may use security filtering for applying GPO to specific users (by adding them in a groups and those groups need to be replaced with authenticated users on security filtering of GPO so that GPO will apply to only those users.
Also in that case GPO loop back processing enablement is not required in that case

Mahesh
0
 

Accepted Solution

by:
swenger7 earned 0 total points
ID: 39827103
In the same GPO, I have the registry wizard pushed as well as some other specific registry keys. The specific keys are pushed. Just not the wizard keys. In any case I just manually entered each key that the wizard would have pushed individually in the GPO and that worked. It was more work for me but did the job.
0
 
LVL 36

Expert Comment

by:Seth Simmons
ID: 40845858
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Suggested Courses

868 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question