nsacyber / Windows-Secure-Host-Baseline

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

LocalGPO still in effect after joining a domain... #27

Closed scottsmith45459 closed 6 years ago

scottsmith45459 commented 7 years ago

I'm in the process of testing GPOs for several different Win10 SHB clients and have run into a couple of issues that I'm perplexed by. After I join the workstation to the domain and move the workstation into the correct container so policies can be pushed, I run into a couple of unusual errors. Thinking the error might be group policy related, I ran "gpresult.exe" on the workstation to see where the issues might be. Under the "Applied GPOs" section of the report, there is an entry for "LocalGPO" and states that it is applied along with the other GPOs I set up.

Is there a way for me to check the registry for the settings that make up the "LocalGPO"? I've checked the local security policy and none of the settings seem to be out of the ordinary. One of the odd results is that I'm no longer able to right-click on anything on the desktop - and was wondering if this was a setting in the "LocalGPO" that I'm unable to see.

onedererer commented 7 years ago

I use policy analyzer from Microsoft to sort through the localGPOs and dump the Domain Ones to excel for comparison and documentation.

scottsmith45459 commented 7 years ago

Ok. Thanks for the tip. I'll download the tool and run it on one of the test machines. What I encountered yesterday was that the workstation was not receiving Group Policy updates from the DC even after the workstation firewall rules had been modified to allow those functions. The "RPC...was unavailable" error message shows up. I'll be checking the workstation before I look at the switch configuration to see where the issue resides.

iadgovuser1 commented 7 years ago

Were you running gpresult as a local user or as a domain user?

This reminds me I should upload the HTML reports for all the GPOs so then you could just check them, since they contain all the registry keys and values in the report.

scottsmith45459 commented 7 years ago

gpresult was run under a domain admin account. I built a new domain and moved clients to the new domain and used the same policies to see if there was something amiss about DNS in the old domain. The move to the new domain seems to have solved most of the DNS problems, but the "LocalGPO" still remains in effect on the Windows 10 workstations.

iadgovuser1 commented 7 years ago

Are domain GPOs not applying? At a minimum the default domain policy should be applied as long as you have actually configured at least 1 policy in it.

b-rob32 commented 7 years ago

You may want to look into disabling the Local GPO from processing. Have a look here: http://winintro.com/?Category=Windows_10_2016&Policy=Microsoft.Policies.GroupPolicy%3A%3ADisableLGPOProcessing
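The two questions in this thread, what the local GPO actually contains and whether local GPO processing is turned off, can both be answered from the client itself. The script below is an added example and is not code from the issue thread or from the Windows-Secure-Host-Baseline project. It assumes an elevated PowerShell session on the Windows 10 client. It reads `DisableLGPOProcessing` (the registry form of the "Turn off Local Group Policy Objects processing" setting linked above) and parses the local GPO's `registry.pol` files under `%SystemRoot%\System32\GroupPolicy` using the documented registry policy file layout (`PReg` signature, version, then `[key;valueName;type;size;data]` entries), so the settings that make up "LocalGPO" can be listed without guessing which registry keys to inspect.

```powershell
# Added example (not from the issue thread or the Windows-Secure-Host-Baseline project).
# Assumes an elevated PowerShell session on the Windows 10 client being examined.
# registry.pol layout: 'PReg' signature, 4-byte version, then entries of the form
# [key;valueName;type;size;data] where brackets and semicolons are UTF-16LE characters
# and type/size are raw little-endian DWORDs.

$LgpoPolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System'
$LgpoRoot      = Join-Path $env:SystemRoot 'System32\GroupPolicy'

function Get-LocalGpoProcessingState {
    # DisableLGPOProcessing = 1 (REG_DWORD) means local GPOs are no longer processed.
    $item = Get-ItemProperty -Path $LgpoPolicyKey -Name DisableLGPOProcessing -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'enabled (DisableLGPOProcessing not set)' }
    if ($item.DisableLGPOProcessing -eq 1) { return 'disabled (DisableLGPOProcessing = 1)' }
    return "enabled (DisableLGPOProcessing = $($item.DisableLGPOProcessing))"
}

function Read-RegistryPol {
    param([Parameter(Mandatory)][string]$Path)
    $bytes = [System.IO.File]::ReadAllBytes($Path)
    if ($bytes.Length -lt 8 -or [System.Text.Encoding]::ASCII.GetString($bytes, 0, 4) -ne 'PReg') {
        throw "Not a registry.pol file: $Path"
    }
    $utf16 = [System.Text.Encoding]::Unicode
    $pos   = 8                                   # skip signature and version
    while ($pos -lt $bytes.Length) {
        $pos += 2                                # '['
        $text = @()
        for ($i = 0; $i -lt 2; $i++) {           # key path, then value name, each NUL-terminated
            $start = $pos
            while (($pos + 1) -lt $bytes.Length -and ($bytes[$pos] -ne 0 -or $bytes[$pos + 1] -ne 0)) { $pos += 2 }
            $text += $utf16.GetString($bytes, $start, $pos - $start)
            $pos += 4                            # NUL terminator, then ';'
        }
        $type = [BitConverter]::ToUInt32($bytes, $pos); $pos += 6   # DWORD, then ';'
        $size = [BitConverter]::ToUInt32($bytes, $pos); $pos += 6   # DWORD, then ';'
        $data = if ($size -gt 0) { [byte[]]$bytes[$pos..($pos + $size - 1)] } else { [byte[]]@() }
        $pos += $size + 2                        # data, then ']'

        # Decode the common value types; anything else is shown as hex.
        $value = switch ($type) {
            1       { $utf16.GetString($data).TrimEnd([char]0) }                   # REG_SZ
            2       { $utf16.GetString($data).TrimEnd([char]0) }                   # REG_EXPAND_SZ
            4       { if ($data.Length -ge 4) { [BitConverter]::ToUInt32($data, 0) } else { $null } }  # REG_DWORD
            7       { $utf16.GetString($data).TrimEnd([char]0) -split "`0" }       # REG_MULTI_SZ
            default { ($data | ForEach-Object { $_.ToString('x2') }) -join '' }    # REG_BINARY and others
        }
        # Value names starting with '**' (e.g. **DeleteValues, **del.<name>) are
        # deletion directives rather than values that get written.
        [pscustomobject]@{ Key = $text[0]; ValueName = $text[1]; Type = $type; Value = $value }
    }
}

function Get-LocalGpoRegistryPolicies {
    # The local GPO keeps separate Machine and User policy files.
    foreach ($scope in 'Machine', 'User') {
        $pol = Join-Path $LgpoRoot "$scope\registry.pol"
        if (Test-Path $pol) {
            Read-RegistryPol -Path $pol |
                ForEach-Object { $_ | Add-Member -NotePropertyName Scope -NotePropertyValue $scope -PassThru }
        }
    }
}

"Local GPO processing: $(Get-LocalGpoProcessingState)"
Get-LocalGpoRegistryPolicies | Format-Table Scope, Key, ValueName, Type, Value -AutoSize
```

Run it on a test client before and after applying the policy from the linked article to confirm the processing state changes. Note that this only covers registry-backed administrative template settings; security settings such as user rights and audit policy live in `GptTmpl.inf` under the same `GroupPolicy` tree and are not in `registry.pol`. For the right-click symptom described earlier in the thread, one candidate to filter for in the output is the Explorer policy value `NoViewContextMenu` (the registry form of "Remove File Explorer's default context menu"); if it appears under the User scope, the local GPO is a plausible source.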