Okay, we have 3 properties, each has their own IT department. We are all under the same domain, each property has their own OU folder. It's a mess, zero organization as far as computers and users. All the Computers from all 3 properties were thrown in the default folder and left there to rot. I have since taken the opportunity at least move our properties Computers and Users under our OU and in their own as well . Looks like this... Domain > Our Property > computers /or users > department > (computer name). Now my boss gave me a project to get started on some GPO's , from setting a default wallpaper, locking theme, map dept network share's and printers, disable saving locally and to force the user to only be able to save to network share,(folder redirecting?)
Anyway all that aside I successfully managed to apply a default wallpaper and lock down the theme for all users. Now I'm getting stuck on mapping the shares and printers. I've read and watched the correct process as far as the settings and item level targeting but I feel I'm missing a step.
Now since I organized the Computers and Users where exactly should I be placing the links for the Policy? I have them in our properties security group's folder ( item level targeting our security group) also in our Employees OU (Not in the departments OU). Should I be placing a GPO link inside the Computer OU as well even though its all in user settings? Security filtering is left on Authentication, no wmi filters, Made sure the policies are enabled. Just kind of ran out of options.. :( Where do I start looking for the Issues as far as troubleshooting. Are the GPO links too far down the tree? Ran a gpudate /force and gpresult /v (does not say anything about the gpo). Any Help appreciated. here is a sample of how our AD looks