So I decided I wanted to create a testing OU to apply policies that I want to test out before I push them live. The OU is 1 level down from the domain. Inheritance is not blocked. But for some reason I cannot get the policies linked to this OU to apply to the users in the OU. They are user policies, essentially just a login script.

The domain-level policies are applied just fine. The only policies that are not getting applied are the ones from the testing OU.

Any help would be awesome.


Edit: I re-read and saw users. Never mind.

Make sure you are NOT making the GPO edits in the Computer Configuration settings, and are using User Configuration settings.

Also, run RSOP.

Did you run RSOP to see what the results are when you do a gpupdate /force? Also, is the user you are logged in as in the OU that you are applying the policy to? And FYI, logon scripts have a difficult time applying if the computer logs in before the network kicks in (some laptops do this where 802.1x auth is involved).


Are these user settings or computer settings?


Did you check the delegation? I have had to add users to this to make things work in the past.

Do you have user settings disabled, and are the users a member of the group that the group policy is associated with?

Check security filtering to make sure it would apply to the users in the OU.

Is the link Enforced and Enabled for the OU?

What exactly is the script supposed to do?

Hi all.

I have 2 policies linked to this OU; neither of them has computer edits. I did run RSOP; neither policy under the testing OU is being applied.

My testing user is in the Testing OU, but the computer I am logging in from is not.

Authenticated users have apply perms to both policies. Nothing is set to deny.

In the RSOP results, do you see your 2 GPOs listed under User Configuration\Denied GPOs? If so, is there a Deny Reason listed there?

Darren

RSOP does not show anything being denied. Unfortunately, the event log has no errors either.

Joe-

If that’s the case, then something is wrong with your targeting. If RSOP shows nothing about those two GPOs, then the user is not even evaluating them. Is there a chance that the computer you’re logging into is set to loopback-replace mode? That would explain this behavior, short of AD replication issues.

Darren

Hey Darren, thanks for the idea! As it turns out, one of my GPOs that were linked but not enforced in the domain root had loopback processing enabled. I didn’t think it would do anything since it was not enforced. Apparently I was wrong. The moment I removed the setting and did an update on the client machine it was working.
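An added example, not from any poster in this thread: one way to find which GPOs in scope for a computer turn on the loopback processing described above, using the GroupPolicy RSAT cmdlets. The container DN is a placeholder assumption; a link's Enforced flag only changes precedence, so a non-enforced link still delivers the setting.

```powershell
# Added example: report GPOs that enable user-policy loopback processing
# for the container holding a given computer account.
Import-Module GroupPolicy

# Assumption: placeholder DN of the OU/container where the computer account lives.
$ComputerContainer = 'OU=Workstations,DC=example,DC=com'

# Loopback is a Computer Configuration setting stored as this registry policy value.
$Key       = 'HKLM\Software\Policies\Microsoft\Windows\System'
$ValueName = 'UserPolicyMode'
$Modes     = @{ 1 = 'Merge'; 2 = 'Replace' }

# All GPO links that reach the container, including ones inherited from the domain root.
$links = (Get-GPInheritance -Target $ComputerContainer).InheritedGpoLinks

$report = foreach ($link in $links) {
    # Get-GPRegistryValue errors when the GPO does not define the value; treat that as "not set".
    $setting = Get-GPRegistryValue -Guid $link.GpoId -Key $Key -ValueName $ValueName `
                                   -ErrorAction SilentlyContinue
    if ($null -ne $setting) {
        $mode = $Modes[[int]$setting.Value]
        if (-not $mode) { $mode = "Unknown ($($setting.Value))" }

        [pscustomobject]@{
            Gpo         = $link.DisplayName
            Loopback    = $mode
            LinkedAt    = $link.Target
            LinkEnabled = $link.Enabled
            Enforced    = $link.Enforced   # precedence only; does not gate whether it applies
        }
    }
}

if ($report) {
    $report | Format-Table -AutoSize
} else {
    Write-Output "No GPO in scope for $ComputerContainer sets $ValueName."
}

# What the local machine actually received (run on the client itself).
Get-ItemProperty -Path 'HKLM:\Software\Policies\Microsoft\Windows\System' `
                 -Name $ValueName -ErrorAction SilentlyContinue |
    Select-Object -Property $ValueName
```

This lists domain and OU links only; site-linked GPOs and security filtering are not evaluated, so confirm the result against RSOP on the client.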

Have you tried forcing the GPO?

Helpful post here: