hi I am currently running a win 2003 local domain via an isa 2006 firewall & xp clients successfully. - need some advice on specific couple issue below.
important: I never ever normally re-order to precedence list ie 1, 2, 3 etc - so maybe this is why I have always had issues, messing around troubleshooting and not knowing what I did, thinking the: gpupdate or gpupdate /force or gpupdate /sync - resolves all - but now I think I realise no!!!
I am planning on upgrading to win 2008, but I wish to resolve some of my own learning curve night mare issues due to lack of understanding and sometimes trial and error troubleshooting as below describes. - I have read things but not quite understanding as practical tests are not following expected procedure unless I have things back to front.
note: I never configure the 'default domain policy' & leave as default settings - instead I do the below:
note: when I logged onto each domain member server, they did not receive 'proxy' details and no internet access - so I 'created & linked the default dc policy' as per screenshot & set precedence for: default dc policy
- after carrying out the above step, all domain member servers received the 'proxy' details and internet access successful
I have also joined a win 7 laptop to the domain with a roaming profile and 'folder redirection' is successful as per eventviewer.
issues I have below:
1. when I try and access the internet it does not receive the 'proxy internet' settings via 'internet options.
2. when I run the internet explorer diagnostics - it states that dns is not detected/not responding, even though my master dc/ad/dns/dhcp/gpo server does not show any errors in the eventviewer & the dhcp has allocated a dynamic address as expected. I have also cross-checked ip address on win 7 laptop and it matches the dhcp address allocated.
random changes below:
the only thing I have done is add the 'default dc policy' directly above the 'default domain policy' - as per screenshot.
I have been playing around with the gpo order of preference via the following:
- linked group policy objects
- group policy inheritance
as they are numbered 1, 2, 3 etc im not really understanding what this does, although I assume precedence order 1 will take priority or if added to the bottom ie 3, 2, 1 then precedence 1 still takes priority instead of 3.
note: the issue I have now is when I logon via my win 7 laptop it now states:
"you cannot logon because the logon method you are using is not allowed on this computer"
normally when I create gpos, I leave the 'computer config & user config' in the same gpo - but was advised to separate so I did for example as per screenshot attached.
- fileserver - gpo
- fileuser - gpo - only domain admin logs on
question 1. can anyone advise on if changing the precedence order decides if the servers or pcs receive their specific configured gpo or not ?
question 2. all my machines are ok, except for my win 7 laptop so please help ?