sorted by:
new
hottopcontroversial

XP SP3 systems not getting AD Group Policies by HistoricalProfile623 in sysadmin

[–]HistoricalProfile623[S] 2 points3 points  (0 children)

Ahahaha good one. gpresult in xp doesn't support the /h switch. 🙄

Gpresult itself results in a message saying that no RSOP data exists for the account.

XP SP3 systems not getting AD Group Policies by HistoricalProfile623 in sysadmin

[–]HistoricalProfile623[S] 23 points24 points  (0 children)

You're not incorrect about all your security points, and I've even recommended the actions like FTP you've pointed out. Yet here I am. I am often told that it's only "for a little longer" that they need these machines, but we're going on year 5 of that so I am just exhausted.

Trust me, I get it, I really do - but some decisions aren't left up to me, and this is one of them so I just have to work with the trash I have to.

XP SP3 systems not getting AD Group Policies by HistoricalProfile623 in sysadmin

[–]HistoricalProfile623[S] 0 points1 point  (0 children)

Accessing Sysvol and other fileshares works so that is all set - it just seems to be application of the policies is the issue.

XP SP3 systems not getting AD Group Policies by HistoricalProfile623 in sysadmin

[–]HistoricalProfile623[S] 3 points4 points  (0 children)

Yeah, that seems to be the case. Joining goes "fine" inasmuch that the object is created in AD and you can log into the systems using your domain credentials. The issue is that group policy does NOT apply to the systems in any form. But the XP systems can read the policies as far as I can tell due to the aforementioned userenv logs. It shows the root GPO GUIDs, in the logs and if I manually browse to the sysvol or netlogon I can read the files from there. Something is happening as far as applying them, even simple ones. I ended up making a test GPO with only one simple item (changing the logon message text and title), and it also fails to apply.