Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Group Policy - XPSP2 - Windows 2003/2000

Status
Not open for further replies.
firthm

firthm

IS-IT--Management
Aug 21, 2003
119
GB
Hi Everyone,

I have a frustrating one here for you to ponder, though someone may give me the right answer straight away.

I have a Windows 2003 Small Business Server network running, 99% of clients are Windows XP-SP2.

We have two DC's...one Win2003SBS and one Win 2000 Server.

The Windows Firewall in GP was turned on, with certain exceptions, no problem.

However, I seem to be getting, intermittently, certain group policies just not being applied.

As a test I turned off Windows Firewall, I made this change and ran gpupdate to no avail, the custom ports that are normally exceptions are no longer there either.

So I ran gpresult to see what is going on with the policy.

I THINK (and I would love confirmation) what is going on is that the group policies are not being applies when ran from the Windows 2000 server, which may make sense because i'm not sure that it would be able to enforce XPSP2 policies?

Can anyone confirm:

- Whether Windows 2000 as a 2003SBS domain DC is able to push out XPSP2 group polices.

and

- Whether it is possible to update your group policies specially from one server (i.e. "Target" the SBS server for an update to see if it is the Windows 2000 server causing the problem.

Any help GREATLY appreciated.

Mike

Michael Firth
Network Infrastructure Officer

~If it's not broke, break it and LEARN~
 
Sort by date Sort by votes
Have a look here: thread1584-1251899

Hope This Helps, PH.
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884 or FAQ181-2886
 
Upvote 0 Downvote
Thank you...that puts one of my questions to bed quite nicely.

If anyone knows how to update GP's from a sepcific server please let me know...the problem is intermittent (they sometimes apply and sometimes dont) so targetting the SBS server rather than the 2000 server would be a perfect test.

Thanks,
Mike

Michael Firth
Network Infrastructure Officer

~If it's not broke, break it and LEARN~
 
Upvote 0 Downvote
OK - I think I have issues.

When I look at the policies for XPSP2 Firewall from my own machine (using 2003SP1 Admin Toolkit) The XP firewall shows as ENABLED.

However, when I look at it from my SBS server it states DISABLED. It also states disabled from my 2000 server....


BUT

If you go into the Domain profile on BOTH SERVERS:

2003 Server has 14 options
2000 Server has 12 options (2 missing!)

Could this be causing my problems?

Thanks,
Mike

Michael Firth
Network Infrastructure Officer

~If it's not broke, break it and LEARN~
 
Upvote 0 Downvote
I eventually solved this problem.

There were replication issues with regards to group policy.

I used REPLMON to find the problem, which was that my SBS server was out of date compared to my 2000 server.

I removed and resynced the SYSVOL shared (there is an MS KB article) and all is now well....ahh!

Mike

Michael Firth
Network Infrastructure Officer

~If it's not broke, break it and LEARN~
 
Upvote 0 Downvote
You didn't list the kb article (which might help others who are researching a problem like this), but I love that sig line!

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
 
Upvote 0 Downvote
Hey People...

Sorry I had to go away and look it up, because I solved the problem a while ago and forgot (and felt terrible) to post the solution.

This article came in very useful, and helped me identify the tools from the Windows 200x Toolkit to use:


And this Technet article, though brief, was excellent too:


I hope this helps others with similar issues? Good Luck!

And if anyone ever has any questions re this problem, please feel free to get in touch.

Mike

Michael Firth
Network Infrastructure Officer

~If it's not broke, break it and LEARN~
 
Upvote 0 Downvote
Oh and Sniper...glad you like the sig! I thought of it myself...feel free to use it but if some rich guys offers you $500,000 dollars to put it on a t-shirt, i'll have half please. :p

Have a great day.

Mike

Michael Firth
Network Infrastructure Officer

~If it's not broke, break it and LEARN~
 
Upvote 0 Downvote
Michael -

People always ask me how to "learn" how to be an IT person. I always tell them "push buttons, blow stuff up". You learn real quick that way.

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
693
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
906
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
540
antonio_dsanchez
antonio_dsanchez
mangentle
  • Locked
  • Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
1K
gbaughma
gbaughma
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
782
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top