Questions

Default Domain Policy wont apply to Computers, only users

+
0 Votes
Locked

Default Domain Policy wont apply to Computers, only users

ricky.helmer
I have been working on setting up a brand new domain for about a month. I have tested everything and I can get all policies to apply except the Default Domain Policy to Computers. It will apply only to users. I have checked permissions of authenticated users and they say read and apply group policy.

What else can be blocking it from applying to computers????! I have also tried reverting everything back to default by demoting and re-promoting the DC and reconfigured everything but it still only applys to computers. Please help!

Also I have made sure that neither user or computer settings are disabled on the GPO and that it is enforced. There are no other policies in place to override it
  • +
    0 Votes

    If you put the computers in an OU and then put the policy on that OU

    +
    0 Votes
    ricky.helmer

    I have tried moving the computers to the same OU as the user. Also I added that computer to the same group as the user. Still no change.

    What else could I try??

    +
    0 Votes

    What server & client OS are you runnig?

    +
    0 Votes
    ricky.helmer

    Server 2003. Clients are XP. Actuall a new problem. When I run gpresult /v on the client, I get an error message stating INFO: Policy object does not exist. If i run it for administrators, it says something like "there is no RSOP data for this user".

    I have tried uninstalling and reinstalling DNS. Seemed to have cleard up a few problems in the event viewer. I ran dcdiag and netdiag and both are clean. It happens even after I use the gpupdate /force command, and on multiple computers. I tested the policices on one computer the first day and everything worked fine. After that, nothing ever worked again.
    I now have the event Userenv ID 1053 and 1054 on the clients after running gpupdate and it says the domain controller or domain cannot be found or does not exist. On the DC, I get a LSASRV ID 40960 message saying the security system detected an authentication error for the server DNS/kingofbeer. The failure code from authentication protocol Kerberos was...

  • +
    0 Votes

    If you put the computers in an OU and then put the policy on that OU

    +
    0 Votes
    ricky.helmer

    I have tried moving the computers to the same OU as the user. Also I added that computer to the same group as the user. Still no change.

    What else could I try??

    +
    0 Votes

    What server & client OS are you runnig?

    +
    0 Votes
    ricky.helmer

    Server 2003. Clients are XP. Actuall a new problem. When I run gpresult /v on the client, I get an error message stating INFO: Policy object does not exist. If i run it for administrators, it says something like "there is no RSOP data for this user".

    I have tried uninstalling and reinstalling DNS. Seemed to have cleard up a few problems in the event viewer. I ran dcdiag and netdiag and both are clean. It happens even after I use the gpupdate /force command, and on multiple computers. I tested the policices on one computer the first day and everything worked fine. After that, nothing ever worked again.
    I now have the event Userenv ID 1053 and 1054 on the clients after running gpupdate and it says the domain controller or domain cannot be found or does not exist. On the DC, I get a LSASRV ID 40960 message saying the security system detected an authentication error for the server DNS/kingofbeer. The failure code from authentication protocol Kerberos was...