Make sure that the policy was configured on a container that contains the
computer accounts. For such a small domain you probably did this in Domain
Security Policy? If that is the case, reboot or use the command secedit
/refreshpolicy machine_policy /enforce on the other computers to see if that
fixes the problem. Also check your dns settings so that the domain
controller points only to itself as it's preferred dns server in tcp/ip
properties and that all the domain computers point only to the domain
controller as their preferred dns server. You can use the command ipconfig
/all to check tcp/ip configuration. You will also find the support tools
dcdiag [domain controller only] and netdiag to check for the health of your
domain computers in regards to network connectivity, dns name resolution,
and computer account/secure channel integrity. The support tools are located
on the install disk in the support/tools folder where you install them by
using the setup file there. Also make it a habit of using Event Viewer to
check the various logs on your computers when you are experiencing problems
and also routinely to check for errors that may mean impending problems,
particularly on your domain controller.. --- Steve
Dan said:
Hi,
I have a Windows 2000 Server with 5 Client machines... I have set the
security audit polices on the server and they have propagated down to
three
of the machines but two of machines effective settings are not
correct...So
they did not receive them... Any help or suggestions would be greatly
appreciated...
Thanks
