Policy replication/enforcment

  • Thread starter Thread starter jgunderson
  • Start date Start date
J

jgunderson

I am having problems with a policy not staying in effect
on all computers within my domain. I am running ADS, 3
domain controllers, WIN2K Adv Server, around 600 users. I
have a policy that says do not show last user name. I
have it configured under
Computer configuration/window settings/Security
settings/Local Policy/security options/Interactive
Logon/Do Not Display Last...
I have it applied to a container in which all computer
belonging to the domain are in. Sometimes the policy
works, and sometimes it doesn't! Driving me crazy!
 
This may indicate that one or more of your domain controllers do not have a
healthy copy of that policy or policies, possibly a result of problems with
the File Replication Service on those DCs.

I would recommend checking the file system portion of that policy to see if
it is present on each DC, exactly the same.

Each GPO has a GUID. This unique ID can be found by looking at the
properties of that GPO from within AD Users and Computers.

Once you have that GUID, you can match it to the directory and contents on
each DC. The one below is the Default Domain Policy:

%systemroot%\SYSVOL\sysvol\domain.net\Policies\{31B2F340-016D-11D2-945F-00C0
4FB984F9}
 
Back
Top