Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

User Accounts Not Getting Lastest GPOs

Status
Not open for further replies.
anthonymeluso

anthonymeluso

IS-IT--Management
May 2, 2005
226
US
In my six plus years I have never seen this type of problem before and thought maybe this community could help me understand it.

We had two users who were not getting the latest user GPOs. At first I thought it was a profile corruption. So I deleted their profiles and had Windows automatically recreate them on next logon. Still the problem persisted. Not just on one machine but any machine they logged onto. No errors where found in event view either. Up in till a few days ago the account appeared to be working fine for the user.

To fix this problem I had to delete both the user's profile and the AD user account. Upon next login, everything worked and the latest GPOs were in affect.

My question is what could have been broken with AD user account that I had to recreate it? Could it had to do with the users SID or something else.

To me this a scary situation as I always believe AD user accounts to be very stable.
 
Sort by date Sort by votes
I had a similar issue where the XP machines were not waiting for the network connection and the users were logging in under cached credentials. It would sometimes take a day or so longer than normal for the GPO to apply correctly but it did eventually get applied.
 
Upvote 0 Downvote
Is there anyway in group policy to force it not to cache? I read some stuff on group policy history records in the registry. Would clearing them out helped me out?
 
Upvote 0 Downvote
Were these users in any different security groups from the rest of the users?

Were they in a different OU?

Thanks,
Andrew

[smarty] Hard work often pays off over time, but procrastination pays off right now!
 
Upvote 0 Downvote
No same security group same OU as everyone else. Since the issue first occurred it has happened to another person. The rest are fine. I just want to make sure this is not a larger problem that I don't see yet.

Thanks.
 
Upvote 0 Downvote
I'm not sure what caused your issue with these 2 users, but if it happens again, run gpresult when it happens and you can see if the policy is getting applied...and if it isn't, it may tell you why.

Thanks,
Andrew

[smarty] Hard work often pays off over time, but procrastination pays off right now!
 
Upvote 0 Downvote
That's the funny thing. These users are prevented from accessing the command prompt. Even when I change the setting in the GPO it never gets changed due to the original problem. So I never get to see gpresults. However, the old group policy sticks.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
500
DrB0b
DrB0b
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
407
microsGuy16
microsGuy16
dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
808
mangentle
mangentle
penguinroundup
  • Locked
  • Question
programmatically delete all saved passwords for IE for any user
Replies
0
Views
177
penguinroundup
penguinroundup
ADB100
  • Locked
  • Question
Single Windows 7 Ultimate workstation not applying Registry, Drive Map or Printers GPO settings
Replies
1
Views
238
technome
technome

Part and Inventory Search

Sponsor

Back
Top