GPO not applying to all systems
I have setup a gpo to apply to system that in a group. I set this group in the gpo filtering, so any system in the group will get the gpo.
I see some systems got the gpo without a reboot, but most are not getting the gpo, even after setting the gpo 20hrs ago.
I have set the gpo to be applied to an OU that has all the other OU's off of that and the gpo is replicated to all the dc's.
Any thoughts how I can fix this?
I see some systems got the gpo without a reboot, but most are not getting the gpo, even after setting the gpo 20hrs ago.
I have set the gpo to be applied to an OU that has all the other OU's off of that and the gpo is replicated to all the dc's.
Any thoughts how I can fix this?
ASKER
This is all correct. I have applied the gpo to an OU that has multiple OUs under it, so they should get the gpo through inheritance. Non of these OU have "blocked inheritance" enabled.
I have run gpresult on some of the workstations and the gpo is not shown in the list of applied gpos.
Now, these systems should get this gpo applied without a reboot, correct?
Capture.PNG
I have run gpresult on some of the workstations and the gpo is not shown in the list of applied gpos.
Now, these systems should get this gpo applied without a reboot, correct?
Capture.PNG
Providing the required machines are in the Pilot-banner-login-remove Security Group.
Try running a GPUpdate /force on the machines not getting the policy. Although it sounds strange how they haven't receive the policy already the GP Refresh should have enabled them to receive the new policy/policies.
i'm also assuming the GPO is link enabled? the setting your trying to apply i'm guessing its a computer configuration correct?
Try running a GPUpdate /force on the machines not getting the policy. Although it sounds strange how they haven't receive the policy already the GP Refresh should have enabled them to receive the new policy/policies.
i'm also assuming the GPO is link enabled? the setting your trying to apply i'm guessing its a computer configuration correct?
ASKER
I did run gpupdate ./force on a system and it's not getting the GPO.
GPO is link enabled and it is a computer configuration.
GPO is link enabled and it is a computer configuration.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You have a GPO setup, this GPOs Security Filtering has been amended from Authenticated Users to Security Group which has computers in it? That GPO is then applied to the OU which has those Computers within it?
Could you maybe share a screenshot of the GPO Scope Tab, Where the GPO is applying to aswell?
Try running a GPResult on the clients that are meant to be receiving the policy to see if they are. Also ensure the machines that need to receive the policy are in the Security Group as you specified within the Security Filtering and also within the OU where the GPO is applied.