Solved

User Setting GPO is not shown on the PC.

Posted on 2014-11-06
13
111 Views
Last Modified: 2014-11-07
We have a new group policy which makes some Control Panel/Personalization changes in the User Configuration.

We link this GPO to a Test User OU and move my own AD account to to the OU.

I run gpupdate/force on my PC (login as myself) and run gpresult.  I still do not see that User Settings policy appears.

Please advise.

Thanks.
0
Comment
Question by:nav2567
  • 7
  • 6
13 Comments
 
LVL 2

Expert Comment

by:Amish Sanghrajka
ID: 40427537
Hi,

Have you checked that there is no security filtering on the linked GPO? When you run the gpresult /r command does the policy name appear at all in the results? If so it should tell you what, if anything, is blocking the GPO from being applied to the user. If not, then check that the GPO is enabled, linked to the appropriate OU and not being blocked by any inheritance/filter settings.

Kind regards,
0
 

Author Comment

by:nav2567
ID: 40427547
Ok, now I see it in User Settings when I typed gpresult.

The GPO makes changes in the User Configuration.  Can I apply it to OU that contain computers and expect it to work?  

In our environment, we only group computers but we do not group users.  I also do not want to apply the GPO directly under our domain.

Please advise again.

Thank you!!
0
 
LVL 2

Accepted Solution

by:
Amish Sanghrajka earned 500 total points
ID: 40427552
Hi,

To get the result that you are looking for you may have to configure loopback processing of a GPO. To do this edit your existing GPO in the following way:
1) Go to Computer Configuration
2) Go to Administrative Templates -> System -> Group Policy
3) Enable the Loopback policy option

This will change the loopback policy on all the computers in the OU and should force them to apply the user policies after a user logs in.

Kind regards,
Amish.

Reference: http://support.microsoft.com/kb/231287
0
 

Author Comment

by:nav2567
ID: 40427559
Sorry, I follow your way: edit my GPO>computer configuration>administrative templates>system>group policy but I do not see the "Loopback Policy Option".
0
 
LVL 2

Expert Comment

by:Amish Sanghrajka
ID: 40427562
Sorry, I should have asked this first: what server version are you using?
0
 
LVL 2

Expert Comment

by:Amish Sanghrajka
ID: 40427573
If you are using Server 2012 the full path is:
Computer Configuration -> Policies -> Administrative Templates -> System -> Group Policy

The full name of the setting is:
Configure user Group Policy loopback processing mode

The setting should be set to Enabled.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:nav2567
ID: 40427575
we use Windows 2008.

I just enable "User Group Policy Loopback Processing Mode" and set it to replace.

I move my workstation to a test OU that links to that GPO (the one that modifies the User Configurations).  I run gpupdate/force and run gpresult /R, I do not see the GPO in User Settings.
0
 

Author Comment

by:nav2567
ID: 40427583
I just tried Merge mode and same result.

Please advise again.
0
 
LVL 2

Expert Comment

by:Amish Sanghrajka
ID: 40427585
Bear in mind that a computer policy takes effect on startup rather than login so you will have to restart the computer which the policy is targeting. Have you rebooted the PC?
0
 

Author Comment

by:nav2567
ID: 40427594
rebooting now.   I think I have to use "Merge" mode in my case, right?
0
 
LVL 2

Expert Comment

by:Amish Sanghrajka
ID: 40427891
Yes, you should use the Merge mode. Did the GPO apply after a reboot?
0
 

Author Comment

by:nav2567
ID: 40428386
Works.  

One last question, I need to apply that GPO to a Windows 8 PC.  Is GPUPDATE & GPRESULT the commands to use?
0
 
LVL 2

Expert Comment

by:Amish Sanghrajka
ID: 40428446
Yes, that will work on Windows 8 as well.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now