Things that break group policy

From Pumping Station One
Revision as of 14:39, 13 October 2014 by Dbever (talk | contribs) (spelling)
Jump to navigation Jump to search

Group Policy

Group policy on windows controls windows settings for the domain.

It's used for the following

  • Determing logon rights for pc's hooked into the shopbot and laser cutter
  • setting registry keys for certains software licenses
  • disabling power saveing

Basic Troubleshooting

If you notice something wrong, the following command will trigger a group policy update, and may display information about what went wrong. 

   gpupdate
   gpupdate /force
   gpupdate /force /sync

Time desync

If the computer's time is desynchronized from AD: 

   net time /domain /set /y

and try gpupdate again

Garbage in sysvol

I don't know if this actually fixed anything, but try running the following commands as root on the Domain Controller 

   samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix
   samba-tool ntacl sysvolreset
   samba-tool dbcheck --cross-ncs --fix

ACLs break after rsync

If samba-tool ntacls sysvolcheck reveals a problem after every rsync of the sysvol, you may want to copy /var/lib/samba/private/idmap.ldb from the rsync host to the replicated Domain Controller.

Retrieved from "https://ps1.mywikis.wiki/w/index.php?title=Things_that_break_group_policy&oldid=19666"