Computer / user not picking up a new GPO policy

We created new OU and placed a specific computer in that OU. WE then created a special policy in the GPO on the domain controller. The end result is to have any computer placed in the OU to be locked down to login into the domain and running only internet explorer.
In the newly created poilicy we restricted (disable all access) and allowed internet via a path policy to Iexplore.exe.
we did gpupdate /force on the DC and logged out and back into the computer. only previously existing "Default Domain Policy" remained applied.
I have done this in other scenarios with no problems.
Any help would be appreciated.
Thank you.
Wayne
wlasnerDirector, ITAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ilídio AmaralCommented:
Due to the assyncronous way GPOs  are applied, some of them may require the system to be rebooted one or two times before they become active on the system. Logging off and on is not enough.
1
yo_beeDirector of Information TechnologyCommented:
Is the GPO placed in the proper hierarchy?  
Is the OU blocking inheritance?  
These are two things that come to mind.
0
Hello ThereSystem AdministratorCommented:
Check, if the policy is 'Linked'. Then perform gpupdate /force command and restart your computer. It should be enough.
If not, check your GPO's 'Slow link detection' policy.

Also keep in mind that if you configure anything in Computer Configuration, this must be applied to an OU containing computers. If you configure anything in User Configuration, this must be applied to an OU containing users!!!

What is the result of 'gpresult -r' on client side?

There might be an issue with connection to the network. Try to edit a policy entry in DDP and see if the specific computer or account will be affected or not.

Are these workstations directly conected to the network?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wlasnerDirector, ITAuthor Commented:
We are good, thank you for your assistance.
0
yo_beeDirector of Information TechnologyCommented:
What was the solution?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.