Problems with Group Policy

Archived from groups: microsoft.public.win2000.active_directory (More info?)

I am dealing with a Group Policy issue in a small, single DC network
environment.

In short, the client machines will not apply group policy settings.

Here's what I know:

Domain authentication is working.
DNS is working.
I believe my Integrated Active Directory Zone is working
No error messages are being generated
NTFS ACLs work for domain users, just not group policy refresh.
GPO refresh is set to synchronous during login and startup

There might be a simple solution, but I'm just not seeing it. I just
reinstalled Windows 2000 Professional on the client machines today and the
group policy is still not acting properly.

Thanks

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Desmond,

Thank you for the advice. It didn't fix the problem, but it did shed some
light on the problem.

When I ran secedit, there was no problem, but something did appear in the
event viewer: "Windows cannot determine the user or computer name. Error 1722"

This leads me to believe I have improperly configured DNS for Active
Directory, and all authentication is happening via MAC Address, not any form
of network layer translation.

So, if you have any advice on setting up the proper DNS configuration, I'd
be much obliged.

Jeff

Archived from groups: microsoft.public.win2000.active_directory (More info?)

"mcp1" wrote:
> You are welcome, Jeff.
>
> Check that clients receive correct DNS addresses (internal
> Servers setup to
> support AD) if they are using DHCP; otherwise manually
> configure them in the
> TCP/IP properties.
>
> Verify also that the clients are indeed properly joined to the
> AD domain. If
> the problem persists, un-join then re-join may be helpful.
>
> Since you mentioned only Win 2000, it does not 'suffer' from
> the fast GP
> processing in XP (where GP seem to behave intermittently).
>
> One more point - authentication does not happen via MAC
> Address; at least
> not in AD like what you could do in a WiFi setup.
>
>
> "Jeff" wrote:
>
> > Desmond,
> >
> > Thank you for the advice. It didn't fix the problem, but it
> did shed some
> > light on the problem.
> >
> > When I ran secedit, there was no problem, but something did
> appear in the
> > event viewer: "Windows cannot determine the user or computer
> name. Error 1722"
> >
> > This leads me to believe I have improperly configured DNS
> for Active
> > Directory, and all authentication is happening via MAC
> Address, not any form
> > of network layer translation.
> >
> > So, if you have any advice on setting up the proper DNS
> configuration, I'd
> > be much obliged.
> >
> > Jeff
> >

Hi,

DNS always seems to be the issue with Group Policy Problems. I have
detailed info on my website on how to correctly setup DNS to avoid
these issues. http://www.sd61.bc.ca/windows2000/dns.htm

Cheers,

Lara