Man Aman

Can not successfully deploy a registry key via GPO

Hello all,
Need some urgent expert assistance!
From my Server 2016, I deployed a registry key via GPO to enable TLS 1.2 on my Windows clients. I linked it to the computer group in a test OU that has 5 other linked GPOs, and those ones are being deployed successfully. However, when I run the Group Policy Results wizard, I don't even see my registry object anywhere in the report. I have rebooted the client PCs several times, so I know it should have already taken effect.

Just an FYI, I manually edited a Windows 7 client PC and tested to make sure it was using TLS 1.2 instead of the default. Once I was done, I created the registry GPO using the wizard, pointing back to the Windows 7 client PC location:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
with the following values.
"DisabledByDefault"=dword:00000000

Thanks in advance!
Antzs

Once you have created the GPO as below and if it is not being applied, take a look at the PC's event viewer and see if there are any errors showing why it is not being applied to the PC.

User generated image


Try this registry key:

Enable TLS 1.2 by adding the value SecureProtocols with 0x00000800 in the registry path:


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings


Man Aman (ASKER)

Antzs,
Thanks for the response, but not seeing anything in event viewer!

Farbood,
I will try your suggestion when I am back in the office tomorrow and report back! Thanks much!

This has been resolved! Initially, I manually edited the registry on a Windows 7 machine and was trying to use the GPO registry wizard using the Windows 7 machine as a reference computer. The problem with this was that it did not allow me to drill down to the DWORD and set the value. By using the registry item, as shown by Antzs, I was able to add the DWORD value and that worked. However, there were no errors in the event viewer indicating any registry errors. It was as if nothing was ever done! Thanks all!
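
A read-only client-side check for the two values discussed in this thread, as an added example that is not part of any post. It assumes Windows PowerShell on the client; the function name Get-RegValueState is hypothetical.

```powershell
# Added example (not from the thread): read-only check of the values discussed above.
# Run on the client after 'gpupdate /force' and a reboot.
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client'
$inet     = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-RegValueState {   # hypothetical helper name
    param([string]$Path, [string]$Name)
    # A missing key or a missing value both mean the policy item never landed,
    # which matches the "no errors, as if nothing was done" symptom.
    if (-not (Test-Path -LiteralPath $Path)) { return @{ State = 'key missing' } }
    $key = Get-Item -LiteralPath $Path
    if ($key.GetValueNames() -notcontains $Name) { return @{ State = 'value missing' } }
    return @{
        State = 'present'
        Kind  = $key.GetValueKind($Name)   # expect DWord; String means a mis-typed item
        Data  = $key.GetValue($Name)
    }
}

# Machine-wide SCHANNEL setting from the question: DisabledByDefault = 0.
$r = Get-RegValueState $schannel 'DisabledByDefault'
if ($r.State -ne 'present') {
    "TLS 1.2\Client DisabledByDefault: $($r.State)"
} elseif ($r.Kind -ne 'DWord') {
    "TLS 1.2\Client DisabledByDefault: wrong type $($r.Kind), expected DWord"
} elseif ($r.Data -ne 0) {
    "TLS 1.2\Client DisabledByDefault: $($r.Data), expected 0"
} else {
    'TLS 1.2\Client DisabledByDefault: OK (0)'
}

# Per-user value from the answer: SecureProtocols with the 0x800 (TLS 1.2) bit.
# This is under HKEY_CURRENT_USER, so run the check as the user in question.
$s = Get-RegValueState $inet 'SecureProtocols'
if ($s.State -ne 'present') {
    "SecureProtocols (current user): $($s.State)"
} else {
    $bit = if ($s.Data -band 0x800) { 'set' } else { 'clear' }
    'SecureProtocols (current user): 0x{0:X8}, TLS 1.2 bit 0x800 is {1}' -f $s.Data, $bit
}
```

If the script reports a missing key or value, `gpresult /h report.html` on the same client shows whether the GPO containing the registry item was applied or filtered out.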