You can view the inheritance level in the GPMC, select the child OU.
http://technet.microsoft.com/en-us/l...50(WS.10).aspx
Did you try to enforce the GPO in the child OU?
BR - Frank
"sawyer" wrote:
> Hello
>
> I am running in a FFL and DFL of windows 2003 native. I have a top level OU
> that contains servers, I have attached a GPO to this OU that configures the
> windows automatic update settings. I also have several child OU's created
> under the parent, and these child OU's contain terminal servers. I have
> created and attached several GPO's to a couple of the child OU's. So for
> example to help map this out. The parent OU is called DEV, the child OU is
> called DEV1, and DEV2, I have a GPO's attached to DEV that configures AU
> settings for all servers in this OU. The DEV1 OU has 3 separate GPO's
> attached to it. One that configures loopback processing, one that maps the S
> drive to network share and the last GPO configures folder redirection. The
> serves in DEV2 require the same settings, except the GPO that maps the S
> drive needs to go to a different network share.
>
> What I ended up having to do get this all to work, ( and it seems like a lot
> of overkill to me) is create two separate OU's DEV1 and DEV2, put the serves
> into the respective OU's, then create 3 GPO's for DEV1, then create 3 GPO's
> for DEV2, on the DEV1 OU, I had to set the "block policy inheritance"
> because the parent OU of DEV1 contained a GPO' that mapped the same drive
> letter that the GPO attached to DEV1 and DEV2 maps. I had to do the same for
> DEV2 OU, I had to set the "block policy inheritance" because the DEV1 OU
> contained a GPO that mapped the same drive letter that a GPO attached to the
> DEV2 OU maps. , I then had to go to the parent OU and set the "enforced"
> check next to the GPO that configures the AU settings because this setting
> needs to apply to all serves.
>
> Here is my question.
>
> If a parent OU has a GPO attached to and for example the GPO maps a drive,
> and the child OU has a GPO and this GPO maps the same drive letter as the
> GPO attached to the parent but to a different network share, then as I
> understand how GPO inheritance works is if a GPO is attached to a parent OU,
> and a GPO is attached to a child OU and both GPO's configure or set the same
> settings, then to my understanding the GPO attached to the child OU would
> apply? This didn't happen and this is why I had to set the "block policy
> inheritance" on the child OU's
>
> Thanks for any help
>
Similar Threads
Linear Mode
