?
Solved

is it possible to create and new policy in GPMG and not affect a working policy

Posted on 2014-12-19
6
Medium Priority
?
180 Views
Last Modified: 2014-12-24
I have 300 clients still using Windows XP. (I know I know...) We are developing a Windows 8.1 Pro based client to replace this. I created new OU and subsequent policy on the same server that runs the existing clients. I soon discovered as I enabled, disabled and defined while in the newly edited file for Windows 8.1  that the Windows XPs were going offline. I did some quick reading and tried moving the OU to below the original OU, but more sites were complaining. I saved the policy and then deleted it from the GPMG. I had all sites reboot their systems and they were okay again. Due to the way our company works (read that big and slow) I assumed it would take some time to eventually transition from the XP to 8.1 and I wanted to offer them both a working solution over a period of time. Once the site has the new system running then the old one is shutdown. So what do I have to do to accomplish this?
0
Comment
Question by:hatcherb1234
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40509517
If you've organized your sites and OUs properly, you can certainly work with GPOs without having any impact on live systems. You didn't give any information on topology or how you concluded what you were doing was the cause of outages though, so specifics are tough to give.
0
 
LVL 1

Author Comment

by:hatcherb1234
ID: 40509567
I have attached a snippet of the GPMG. the new policy originally went between the Workstation OU and below the workstation-policies. I then moved it to below all of the client OUs that linked to the workstation-policies and user-policies. As I type this I do remember that the new policy I was editing was linked. Maybe I should have turned that off first?
GPO.jpg
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40509571
So much blackout and so little context. I still can't give any reasonable advice.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 1

Author Comment

by:hatcherb1234
ID: 40509582
What do you need to see? I can't provide hostnames or domain info.
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40509597
Not looking for that. But a mock_up or drawing of the relevant OU'smwith the XP machines, 8.1 machines, users, and a brief idea of what policies you are trying to set that apparently broke your existing network and where you linked them are all helpful. I can see *none* of that from your screenshot. Drawing something like that out even using something silly like clipart in MS word is a trivial ask for the help you want.

The answer to your question, generically, is that yes, it is possible, and done quite often, to create new GPOs that don't interfere with existing machines. OUs, security groups, or WMI filters can all help constraint the new GPO.

But if you want specifics on where you might've gone astray, you have to be willing to share specifics. We can't operate in a vacuum. If you really need detailed help, hire a consultant, have them sign a contract that includes an NDA. All the normal security precaution when entering a B2B relationship.
0
 
LVL 82

Accepted Solution

by:
David Johnson, CD, MVP earned 2000 total points
ID: 40509626
use a wmi filter for only windows 8.1 machines
select * from Win32_OperatingSystem WHERE Version like "6.3%"
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question