<\/div>\n<\/aside>\n","upvoteCount":3,"datePublished":"2019-06-24T17:20:56.000Z","url":"https://community.spiceworks.com/t/user-gpo-doesnt-apply-when-computer-in-certain-ou/717865/2","author":{"@type":"Person","name":"justin1250","url":"https://community.spiceworks.com/u/justin1250"}},"suggestedAnswer":[{"@type":"Answer","text":"
Hi Everyone,<\/p>\n
I have a weird issue with group policies not applying when the computer account is not in a certain OU.<\/p>\n
Let me explain.<\/p>\n
I have a new domain with separate OUs for Desktops and Laptops, and another OU for users. Each OU has a specific GPO to accomplish different tasks.<\/p>\n
When the computer is in the Desktops OU, everything works fine, which means the computer gets its computer GPOs (thus the computer policies) and the logged in user gets settings as defined in the Users GPO. No problems there.<\/p>\n
The issue, however, is that when I place a computer in the Laptops OU, only the computer policies apply, but not the user policies. If I move the computer account to the Desktops OU, it works properly and everything gets applied.<\/p>\n
I checked for all kinds of filtering, group memberships etc, but there is none. I even created a different OU to test, but that one exhibits the same issues as the Laptops OU.<\/p>\n
Searching support groups for this issue has gotten me nowhere, so here I am asking you guys.<\/p>\n
Any help is greatly appreciated.<\/p>\n
George<\/p>","upvoteCount":4,"datePublished":"2019-06-24T17:17:24.000Z","url":"https://community.spiceworks.com/t/user-gpo-doesnt-apply-when-computer-in-certain-ou/717865/1","author":{"@type":"Person","name":"georgegoede","url":"https://community.spiceworks.com/u/georgegoede"}},{"@type":"Answer","text":"
Thanks for your reply, Justin.<\/p>\n
Short answer: It worked.<\/p>\n
Long answer:<\/p>\n
When I got this issue, I started troubleshooting and looking everywhere for a solution.<\/p>\n
I didn’t have loopback enabled, but in at least two posts, they talked about enabling<\/strong> loopback, which I thought was weird, as it wouldn’t do me any good in this specific situation. I did the change, however, and as I expected, it didn’t help me.<\/p>\nMy mistake was, that I didn’t remove the setting when I was done.<\/p>\n
Now, after reading your reply, I went back and checked, and figured I could as well remove that setting back and lo and behold, it worked.<\/p>\n
I’m doing some testing now to confirm this works permanently.<\/p>\n
As soon as I’m done and it is confirmed, I will close this thread and award points.<\/p>\n
Thanks a lot! \n\n
<\/div>\n
ghgoede:<\/div>\n
\nThanks for your reply, Justin.<\/p>\n
Short answer: It worked.<\/p>\n
Long answer:<\/p>\n
When I got this issue, I started troubleshooting and looking everywhere for a solution.<\/p>\n
I didn’t have loopback enabled, but in at least two posts, they talked about enabling<\/strong> loopback, which I thought was weird, as it wouldn’t do me any good in this specific situation. I did the change, however, and as I expected, it didn’t help me.<\/p>\nMy mistake was, that I didn’t remove the setting when I was done.<\/p>\n
Now, after reading your reply, I went back and checked, and figured I could as well remove that setting back and lo and behold, it worked.<\/p>\n
I’m doing some testing now to confirm this works permanently.<\/p>\n
As soon as I’m done and it is confirmed, I will close this thread and award points.<\/p>\n
Thanks a lot!
Loopback is used in situations like Kiosks and Terminal servers. It should almost never be useful in just an end-user computing environment.<\/p>\n
That MS article has lots of good stuff in it also make sure to read part two.<\/p>","upvoteCount":0,"datePublished":"2019-06-24T17:49:11.000Z","url":"https://community.spiceworks.com/t/user-gpo-doesnt-apply-when-computer-in-certain-ou/717865/4","author":{"@type":"Person","name":"justin1250","url":"https://community.spiceworks.com/u/justin1250"}},{"@type":"Answer","text":"
Yes, I confirmed that the issue is resolved.<\/p>\n
I agree with what you said about loopback, as I use it in very specific situations that require the use of it.<\/p>\n
In the end, I still find it weird that this happened, but figure that sometimes, settings need a “kick” to work properly.
Once again, thanks for your help Justin!<\/p>","upvoteCount":1,"datePublished":"2019-06-24T18:26:11.000Z","url":"https://community.spiceworks.com/t/user-gpo-doesnt-apply-when-computer-in-certain-ou/717865/5","author":{"@type":"Person","name":"georgegoede","url":"https://community.spiceworks.com/u/georgegoede"}}]}}
Hi Everyone,
I have a weird issue with group policies not applying when the computer account is not in a certain OU.
Let me explain.
I have a new domain with separate OUs for Desktops and Laptops, and another OU for users. Each OU has a specific GPO to accomplish different tasks.
When the computer is in the Desktops OU, everything works fine, which means the computer gets its computer GPOs (thus the computer policies) and the logged in user gets settings as defined in the Users GPO. No problems there.
The issue, however, is that when I place a computer in the Laptops OU, only the computer policies apply, but not the user policies. If I move the computer account to the Desktops OU, it works properly and everything gets applied.
I checked for all kinds of filtering, group memberships etc, but there is none. I even created a different OU to test, but that one exhibits the same issues as the Laptops OU.
Searching support groups for this issue has gotten me nowhere, so here I am asking you guys.
Any help is greatly appreciated.
George
4 Spice ups
I’d guess Loopback.off the top of my head it’s one of the only computer settings I can think of that would affect user policy. If none of the User Policy applies I would guess it is set to replace mode.
3 Spice ups
Thanks for your reply, Justin.
Short answer: It worked.
Long answer:
When I got this issue, I started troubleshooting and looking everywhere for a solution.
I didn’t have loopback enabled, but in at least two posts, they talked about enabling loopback, which I thought was weird, as it wouldn’t do me any good in this specific situation. I did the change, however, and as I expected, it didn’t help me.
My mistake was, that I didn’t remove the setting when I was done.
Now, after reading your reply, I went back and checked, and figured I could as well remove that setting back and lo and behold, it worked.
I’m doing some testing now to confirm this works permanently.
As soon as I’m done and it is confirmed, I will close this thread and award points.
Thanks a lot!
1 Spice up
ghgoede:
Thanks for your reply, Justin.
Short answer: It worked.
Long answer:
When I got this issue, I started troubleshooting and looking everywhere for a solution.
I didn’t have loopback enabled, but in at least two posts, they talked about enabling loopback, which I thought was weird, as it wouldn’t do me any good in this specific situation. I did the change, however, and as I expected, it didn’t help me.
My mistake was, that I didn’t remove the setting when I was done.
Now, after reading your reply, I went back and checked, and figured I could as well remove that setting back and lo and behold, it worked.
I’m doing some testing now to confirm this works permanently.
As soon as I’m done and it is confirmed, I will close this thread and award points.
Thanks a lot!
Loopback is used in situations like Kiosks and Terminal servers. It should almost never be useful in just an end-user computing environment.
That MS article has lots of good stuff in it also make sure to read part two.
Yes, I confirmed that the issue is resolved.
I agree with what you said about loopback, as I use it in very specific situations that require the use of it.
In the end, I still find it weird that this happened, but figure that sometimes, settings need a “kick” to work properly.
Once again, thanks for your help Justin!
1 Spice up
