Hi,
I am looking to keep all users network drives mapped when they use their machine off the network. When they are not connected to the the network, it just doesn't display with any.
The reason for this is because when they are off the network and connect via a VPN, it doesn't map their network drives (Obviously, as this step is missed in the log on scripts)
Seen some different methods online but, looking for the most practical one that will do this.
Thanks,
Hi Dears,
I want to disable default share like C$ , D$ , ... on clients except ADMIN$ on Clients,
I need ADMIN$ for install remote agent,
how i can do it by GPO?
Making a user a local admin on workstation in SBS2011 was a fairly easy process (checkbox/list option for User to be a Local Admin in AD users), I cant seem to find anything similar here nor has searching come up with anything similar.
I have 2012 Essentials added as well. Is there a way to allow a user local admin rights to their workstation so that they are not prompted for Admin privileges to manage software and updates?
area51pilot
Hi Everyone!
I need to configure password policies in my local Workgroup environment for five Computers running Windows 7.
Please let me know if anyone has done and experienced it.
Thanks
Azaam
Hello There,
In our environment, most of the Internet Explorer settings on user machines are managed via Group Policy. Internet Zone (Internet/Local Intranet/Trusted Sites/Restricted Sites) settings are defined using Administrative Templates ADMX (Windows Components/Internet Explorer/Internet Control Panel/Security Page) in group policy. We are running Windows 2008R2 Domain Controllers.
We recently started facing problem, whenever we make changes trusted site list, all settings defined for Internet explorer (mostly ADMX settings) are somehow getting empty and cause issues for end users.
Does anyone know what causes this?
Mahi
Hi,
I need to disconnect network mapped drive in my client machine using gpo. .
I used "net use" command but it not use ...anybody help me my issues..
Hey Guys,
We are looking to restrict the Settings from Windows 10 in the start menu and all other places.
I have imported the ADMX from Windows 10 into our store.
I did already configure Show only specified Control Panel items from the User Configuration - Control Panel hoping this would also restrict the settings.
This unfortunately does not work.
Any suggestions where to look?
Regards, René.
Dear all,
I have been tasked to figure out how we can restrict users from installing software & other applications on their own.
in our environment we windows 2012 R2 Std. Domain controller and user machines are joined to domain.
Domain users has admin rights on their machines.
so is there any way to restrict users from Installing App/Software on their own.
- Atul
TheAtulA
Grato Julio Vaz jvaz.wordpress.com
I believe I am having issues related to MS16-072 ( KB3159398 ).
All my user based GPOs have either Authenticated Users in the security filter ( with read access in the delegation tab ) or Domain Computers in the delegation tab with read access. One of our user GPO's map a network drive for users based on an AD group membership.
Our help desk started receiving calls after we pushed out this months patches about mapped drives not being there while the user was connected through VPN.
While running through some attempts to reproduce the issue I noticed that if I boot up off the network I no longer have the mapped drive. If I boot up on the network I have the drive mapped.
Before MS16-072 the mapped drive would still be present in the network locations but in a disconnected state ( Red X ) if I booted up off the network. If I uninstall MS16-072 and do those same two test the drive is present in each scenario. I also get the drive is mapped but disconnected.
Is anyone else seeing this with MS16-072?
Hello,
I am having an issue with the cmdlet Get-GPInheritance. It runs and returns data for everything but InheritedGpoLinks, which is what I am after. I have verified in the group policy management interface that there are in fact gpo's that are inherited. Has any seen this issue before?
I have verified the group policy is being applied to the user / machine.
I have done GPUPDATE /FORCE; tried logging off / on / off / on; have tried creating the policy in a new GPO; etc.
I have tried adding a DELETE as the first in the order followed a few steps below by an update.
I have tried adding a DELETE as the first in the order followed a few steps below by a replace.
Please let me know what else I can try.
Hello,
My DFL/FFL is Windows Server 2008 R2 and my DC Windows Server 2012 R2.
Client : Windows Seven SP1 32bits with IE11
I create a new GPO and configure GPP with IE10 settings. I configured a few options but Proxy settings are not applied. IE Settings on client side are empty. I created RegKey (ProxyEnable, ProxyOverride, ProxyServer) but it's not applied.
gpresult -> not problems
Have you any idea?
Thanks.
When clicked on an existing IE11 GPO: User Configuration > Preferences > Control Panel Settings > Internet Settings, this error pop out.
When click OK, can only see the Internet Explorer 8 & 9 setting in there.
and when right click on Internet Settings > News. Do not see option for Internet Explorer 10 or 11 as mentioned in this article. This is a PRD IE11 GPO, and is actually applied to IE11 Prod users.
Does the IE 8 & 9 settings applied to IE 11 too? and
Where to get the IE10/11 settings?
thank you
Best Regards,
I am trying to setup event forwarding to my domain controller. I have group polices designating my domain controller to be the collection server. I also have group policies turning on the Winrm services according to rsop.msc the group policies are being applied. I used the domain computers as the group in the event subscription. I cannot seem to get it to work I am getting the following error when I run wecutil gr Test on my source servers.
Failed to get RuntimeStatus Active Property. Error = 0x2
the system cannot find the file specified
The status of the subscription is showing active in event viewer on my domain controller and I added the domain controller's machine account to the Event Viewers group in the domain builtin groups
any help is appreciated
The Group Policy Analysis Tool (GPAT) does not seem to be working with my GPO's.
I can view/compare the sample policy rules and all appears good, so I think GPAT is working, but when comparing my own GPO's, they all appear to be the same.
To test, I copied a GPO and made changes to the copy. I then backed up the original and the copy. I then imported the backups into GPAT and view/compare, but they show as the same. I am guessing there is a problem with the backups or the way GPAT is importing them.
Hi,
I have screen lockout policy configured in default domain policy. It is getting applied and affected throughout my domain except one ou. For troubleshooting I logged in with multiple account on the computer of that OU but still not effect of policy. Even I logged with a test account and run the RSOP.MSC. And after that I checked that lockout policy showing applied but not getting affected on that machine.
Regards,
Jitendra Gautam
Hello,
I want to Share several Office Apps (e.g. Word, Outlook etc.) via RemoteApp based on a Windows Server 2012 infrastructure.
But before I do, I want to configure the Office 2016 Group Policy Preferences, especially theRestricted Browsing part.
IMO I think the policy is configured well:
Approve Locations is enabled and links to severel UNC paths in our Network
Activate Restricted Browsing is also enabled for Word, Excel, Powerpoint and Outlook.
Now my Problem, as soon as I want to browse a location i receive the following warning message: "Location has been blocked by your system administrator."
The thing is, it is possible to save anything to the defined paths, but I want wo get rid of that warning.
Do you have any clue of what I might can do or are there any known issues regarding Outlook 2016 and Group Policies?
I'm looking foward for you answer.
Best regards
Dominik Beckers