Getting Group Policy to work

DJ_EvergreenDJ_Evergreen MB, Canada Member
edited October 2008 in Science & Tech
Hello all.

I created a group policy object to remove the username on the login page and applied it to an OU. There are three computers that this OU should apply to. All three computers are in the same OU that the GPO is in. It works fine on two of the computers. but one computer does not remove the last username. I've created three Group Policy Modelings for each computer with the same username logging in. All three show that the GPO is enabled and should be applied... any ideas?

Comments

  • CycloniteCyclonite Tampa, Florida Icrontian
    edited September 2008
    Operating system versions? What does a gpresult show?
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    Server: 2003
    Clients: All XP

    GPResult shows the same thing on all three computers, that the policy is enabled.
  • CycloniteCyclonite Tampa, Florida Icrontian
    edited September 2008
    Hmm... Are there any events in the event logs?
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    Hmm... I just noticed I'm getting a lot of these errors which likely has something to do with it... I have no idea what's wrong.

    errortw4.th.png
  • kryystkryyst Ontario, Canada
    edited September 2008
    Try reattaching the 3rd computer back to the domain, could be that it's lost it's association from the AD and it's not getting the rules rolled out to it correctly.
  • ThraxThrax 🐌 Austin, TX Icrontian
    edited September 2008
    Is your DNS configured properly? Your DC has to refer back to itself for domain requests, all of your clients should be configured to point at the DC for DNS (accomplished w/ a login script) and external DNS requests should be done via forwards.
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    I'll try that and post back the results. Thanks for your input guys!

    Thrax: I believe all my settings are correct and DNS is configured correctly, however I am not a pro when it comes to DNS. I'd be happy to post any screen shots if it helps.

    And all the clients on the domain their DNS is pointing to the Primary DNS server. Not by a login script, however, but manually typed in.
  • CycloniteCyclonite Tampa, Florida Icrontian
    edited September 2008
    kryyst wrote:
    Try reattaching the 3rd computer back to the domain, could be that it's lost it's association from the AD and it's not getting the rules rolled out to it correctly.

    That was going to be my suggestion. :)
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    Nope, no luck. GPO still shows that it applied in gpresult however the last username still shows. I'm still getting that error on the server too.

    Anyone have anything else to try?

    EDIT:

    Here are some screen shots of my DNS. Does anything look wrong? The computer having trouble is called Visual.

    dnswm5.th.png

    forwarderslt1.th.png

    roothintsfr8.th.png
  • ThraxThrax 🐌 Austin, TX Icrontian
    edited September 2008
    Does your PDC's network adapter point to itself for the primary DNS IP?

    //EDIT: Is that forward to your DSL? Or another DNS agent? IIRC (please, someone let me know if I'm wrong) the forward should go to an external DNS server.
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    Yes it does. I can also post screen shots of the GPO windows if that helps
  • RyderRyder Kalamazoo, Mi Icrontian
    edited September 2008
    Thrax wrote:
    Does your PDC's network adapter point to itself for the primary DNS IP?

    //EDIT: Is that forward to your DSL? Or another DNS agent? IIRC (please, someone let me know if I'm wrong) the forward should go to an external DNS server.
    Yes, a forward on a DC should go to an external DNS normally, since it only needs to forward what it can't resolve.
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    the forward is to my router which forwards it to my isp. It's worked for months so I can't see how that is the problem.
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    OK guys I've done a little searching and found out why I was getting that error 1054. Turns out it was because of my AMD dual-core processor. I installed the AMD update and that stopped the error messages.

    However the GPO still isn't working on the one computer despite it showing enabled.
  • KwitkoKwitko Sheriff of Banning (Retired) By the thing near the stuff Icrontian
    edited September 2008
    From that machine, do "gpupdate" at the command prompt then reboot. I've had fussy GPOs at times at that has solved the problem.
  • CycloniteCyclonite Tampa, Florida Icrontian
    edited September 2008
    Maybe add the /force switch as well.

    When Group Policy works, it's a wonderful thing. When it doesn't, it's the most painful thing to troubleshoot.
  • KwitkoKwitko Sheriff of Banning (Retired) By the thing near the stuff Icrontian
    edited September 2008
    ^^
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    Thanks everyone for all your help! I think it may be working correctly now... Don't know for sure yet because I can only access it remotely right now. I will post later on when I can sit down at it.
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    Ugh, unfortunately the GPO STILL doesn't work... Anything else I can try?
  • DJ_EvergreenDJ_Evergreen MB, Canada Member
    edited September 2008
    ...anyone?
  • -tk-tk Detroit, MI USA Icrontian
    edited October 2008
    Thrax wrote:
    Does your PDC's network adapter point to itself for the primary DNS IP?

    //EDIT: Is that forward to your DSL? Or another DNS agent? IIRC (please, someone let me know if I'm wrong) the forward should go to an external DNS server.

    He's right, keep checking your DNS setup . I've seen this happen many times and it's always DNS. I hate Dumb Naming System sometimes...
Sign In or Register to comment.