Archived from groups: microsoft.public.win2000.group_policy (
More info?)
Hi Bill.
I am a bit confused. It still is not working in the TERMSVR = OU?? If not
it may help to make a few more changes to user configuration it to see if
that motivates it to work. When you look at the Group Policy properties it's
revisions for user should be greater than zero. Also if you have an XP Pro
computer in the domain you can use the Group Policy Management Console which
is terrific for managing and troubleshooting Group Policies. If you do that
be sure that the XP Pro computer is secure as you will need to logon to it
as a domain admin to get it to work. I would also run the netdiag support
tool on the TS server to see if it reports any problems related to dns,
dclist, kerberos, or trust/secure channel. Such problems can cause Group
Policies to not apply as intended. --- Steve
http://www.microsoft.com/windowsserver2003/gpmc/default.mspx -- Group
Policy Mangement Console.
"Bill" <Bill@discussions.microsoft.com> wrote in message
news:967F48E1-3384-45B4-9792-65DAD6BA8FB1@microsoft.com...
> thanks Steve
>
> Yeh I setup the Loopback on the TS and that seemed to do it
> it Started listening to the GPO on the TERMSVR = OU
>
> I was just kinda of curious why the TS wouldl isten to the main GPO on the
> site when it was under COMPUTERS and once I moved it to the OU it did not
> listen tot he OU's GPO
>
> Just trying to get a little better understanding of the GPO High archy
> etc..?
>
> thanks
> bill
>
> "Steven L Umbach" wrote:
>
>> Did you configure loopback processing for the GPO that you created for
>> the
>> OU that you moved the TS into? The other thing I would try is to move the
>> TS
>> into your new OU, refresh Group Policy on the domain controller and then
>> run
>> gpresult on the TS. View the results to see if it reports that the TS is
>> in
>> the new OU and that the GPO from the new OU is applying to it. If it is
>> then
>> try seeing if the policy applies to a user logging onto the GPO. You may
>> need to try logging on and off a couple of times. Running gpresult again
>> while logged on as the user will tell want user configuration policies
>> are
>> applying to the user. I would also check Event Viewer on your TS to see
>> if
>> any pertinent errors are reported and run the netdiag support tool on it
>> looking for any problems relating to dns, dclist, kerberos, and
>> trust/secure
>> channel. -- Steve
>>
>>
>> "Bill" <Bill@discussions.microsoft.com> wrote in message
>> news:40F126A9-D6AE-454D-9C29-98380FB249BB@microsoft.com...
>> > Steve Im a little confused..
>> > Why would the TS listen to the main GPO on the SITE
>> > if the TS was under Computers normally
>> >
>> > BUT
>> > not to the GPO on the OU that the TS was moved under?
>> >
>> > thx
>> > bill
>> >
>> > "Steven L Umbach" wrote:
>> >
>> >> The configuration you did was user configuration, so either the user
>> >> that
>> >> you logged on with must also be in the container or loopback
>> >> processing
>> >> needs to be enabled for that GPO. Note that changes are not immediate
>> >> and
>> >> that you may need to use secedit to speed up the policy propagation
>> >> for
>> >> user
>> >> or computer as the case may be. Gpresult support tool can also be
>> >> helpful
>> >> in
>> >> determining what is going on by displaying the container that the
>> >> user/computer is in and the policies that are applied and the last
>> >> time
>> >> they
>> >> were applied. --- Steve
>> >>
>> >>
>> >> "Bill" <Bill@discussions.microsoft.com> wrote in message
>> >> news:EBD86C47-34C3-4FF2-AAD0-CB134F334932@microsoft.com...
>> >> >I am trying to have a GPO apply to my Term Svr's only
>> >> > looked at both Q231287 and Q260370
>> >> >
>> >> > So I made an additional OU ..call in Termsvr
>> >> > moved my term server to it (Termsvr1)
>> >> > then I made a new GPO for the OU=TERMSVR
>> >> > just as a test tried to remove the RUN from Start
>> >> >
>> >> > NG
>> >> >
>> >> > But if I move the TS (termsvr1) back to the main site
>> >> > and do a GPO with removing RUN from start
>> >> >
>> >> > OK
>> >> >
>> >> > could someone give me a clue as to what I am missing here
>> >> >
>> >> > thanks
>> >> > bill
>> >>
>> >>
>> >>
>>
>>
>>
Facebook
Twitter
Instagram