Determining which of the domain computers are not respecting/applying GP

Determining which of the domain computers are not respecting/applying GP

So I have a domain with about 40 hosts joined to the domain and we are having issues with hosts not respecting/applying GP. Most of the hosts do but when I attempt to run policy results on certain hosts (no apparent pattern, some are Win7 and others are XP) I get different error messages, like "Error: Access is Denied" and "The RPC Server is not available." I know there are likely different remedies that must be implemented on each of these bad hosts but what I want to know is if there is an effective way to find out quickly which hosts can actually use group policy.

答案1

I'm not sure exactly how a computer "respects" Group Policy. I suspect you mean that Group Policy is not being applied to these machines and you're trying to figure out why. As for the error messages there are two causes:

  1. You don't have the appropriate user rights to run Group Policy Modeling.

  2. The RPC service on the remote machine is not running or a firewall is blocking RPC communication to the machine.

So the first thing to do is to make sure that you're using an account that has appropriate user rights (such as a domain administrator). The second thing to do is to make sure the RPC service is running on the target machine and that there are no firewalls blocking RPC communication to the machine.

In addition, if you're trying to troubleshoot the application of Group Policy you want to run Group Policy Results, not Group Policy Modeling.

相关内容