I have always been curious, when I join machines to the domain and they all locate by default in the built-in computer container, I do not configure the gpo for the built-in container because I then create specific 'ou/gpo' and 'move' each machine to relevant gpo.
I am currently running a small win 2003 domain network with only 3 other domain member servers attached but planning on upgrading to win 2008.
note: as I only have 1 x master dc/dns - I normally set primary dc to the same static ip address, but this time I left as default primary dns: 127.0.0.1 - I assume is perfectly ok
due to changing things and putting them back and removing machines from the domain and sometimes re-installing clean os on server without 1st removing from domain, but then running:
- clear scavenging file
- clear cache
- detect server updates & restarting dns
- or ipconfig /flushdns & ipconfig /registerdns in my master dc and gpo stuff, it appears my gpo is not quite working properly or really sluggish, ie my member servers and desktop not detecting my internet/proxy details, but when I add in manually it allows internet access.
- unauthourizing dhcp
- reconcile scopes
- restarting dhcp
- rebooting master dc 3/4 times
note: the above will probably be the cause of my problem but trying to put it right.
on my isa it receives internet access but did not receive the gpo/internet proxy details via internet options, but when I add in manually it stops my internet from working.
I have checked the eventviewer on all machines and restarted several time but same issue.
my fileserver previously allowed my win 7 laptop to logon via roaming profile and receive internet access but when I logon to domain successfully via win 7 laptop it states that the file server is not connected or does not have permission.
normally I switch my machines off overnight, but I decided to leave my machines on for 2 days just incase the gpo was skewed and needed time to sync but have not had time to test yet.
note: I have 'reset the user config\windows settings\internet explorer maintenance', run gpupdate /force on master dc, restarted once and logged on and off 4/5 times times and done the same with the other machines but had the same issue.
when I check the gpo manual configuration - it shows my internet connections successfully
run: gpo modelling for 'computer/container or user & container' all other settings are set but when I check the 'user config\internet connection - it does not show it has taken & the 'settings' tab (does not) show internet proxy settings.
run: gpo rsop results - shows all other gpo settings but not the 'user config\windows settings\internet connection does not show my internet proxy details.
question 1. If when I test to see if gpo's have been received and win 7 laptop can connect to fileserver and my machines can rec
note: I normally do not set 'enforce' gpo as I only have 1 x domain
note: if I run: rsop.msc on my win 7 it states that I do not have permission even though I used the 'domain admin' to logon as usual but rsop still opens and shows all correct gpos but not my internet proxy settings.
question 2. if my gpo's are still skewed I was thinking of removing all machines from the domain and demoting my dc and either doing a clean install or then running: dcpromo again. any suggestions from anyone ?
question 3. is the 'enforce setting for the gpo' only used if multiple domains are configured for example as I never set it ?