Computers not applying group policies

Discussion in 'Active Directory' started by Victoria Bolton, Aug 10, 2005.

  1. We have an existing NT4 network that we are migrating from. We have a brand
    new 2003 domain network that we are moving to. Both are on the same network
    with a trust between the two.

    We are setting up roaming profiles and folder redirection. After much head
    bashing I think we have a better understanding however we have one issue
    that is baffling us. We are currently testing with three machines. Our 2
    office computers and a brand new machine being setup for a user that
    conveniently came in at the right time to be our first guinea pig client
    machine :)

    My collegues XP laptop is a member of the new domain. My 2000 computer is a
    member of the old domain. We have setup several users in the new AD. The new
    XP computer was set straight up on the new domain. All are patched up to
    date as are the new servers.

    I can create the user account and if I log it in on either mine or my
    collegues machine it will not apply the group policy for folder redirection.
    It will however create the basic roaming profile just fine. When you log out
    all the settings appear in our default Profiles folder. What doesn't work is
    the folder redirection or any other policy setting I made, namely the
    screensaver to be password protected and come on at 15 mins and be
    unchageable by the user.

    No amount of time or rebooting or logging on and off changes this. However
    if I log on to that account on the brand new machine it all works, it
    creates the redirected folders, moves the content over from the profile and
    the GPO is being obeyed. If we log off and then go back to our personal
    machines and log back in from there it is all still working, GPO and all.

    No new accounts will work though until they are logged into that new
    machine. It has us both baffled and confused. I have 60 users I need to
    switch over to this new domain and if I have to log them all in on one
    machine first before their existing desktops will accept the default domain
    policy then I'm probably going to go crazy. I can see no difference in the
    two XP machines and the way they are setup to account for anything except
    that the laptop had prior knowledge of the old domain.

    Any help would be appreciated.


    Victoria Bolton, Aug 10, 2005
    1. Advertisements

  2. Hello Victoria.
    What is the source of the files being redirected with folder redirection? if
    the source not are availbel the folder redirecation will fail and can't
    change to the new location. You should see if the folder redirication failes
    or succeds in the event viwer application log at the partiuclar computer
    Chriss3 [MVP], Aug 11, 2005
    1. Advertisements

  3. Victoria Bolton

    lforbes Guest

    Hi Victoria,

    DNS is usually the culprit with Group Policy Issues. Checkout how DNS should
    be setup. My guess is with the two domains the machines may be getting


    lforbes, Aug 11, 2005
  4. Lara,

    Great link, I had no reverse DNS zone setup. I was also using the DHCP
    server on the old NT domain controller until it was time to switch over. I
    turned that one off, re-enabled the DHCP on my new server and after a reboot
    of my client machine it worked perfectly. Not quite sure if it was the DNS
    or the DHCP but one of the two fixed it :)

    Thanks a lot, definately not a headache I needed :)
    Victoria Bolton, Aug 11, 2005
  5. Thanks for the reply Chris, It turned out to be either my DHCP or DNS
    settings. Lara's link fixed it up nicely.

    Victoria Bolton, Aug 11, 2005
  6. Victoria Bolton

    lforbes Guest


    Glad you got it working. More than likely it was a combination of the two.
    DHCP helps register legacy clients in DNS (if you enable it) so it is linked
    closely with DNS. Also IF the machine's IP in DNS is different from the IP in
    DHCP it also causes GP problems. The new "refresh" of IP's with the new DHCP
    would automatically trigger all the clients to re-register in DNS with their
    new IP. This is probably what fixed it.


    lforbes, Aug 12, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.