GPO 被过滤 - BGinfo 报告域名错误

GPO 被过滤 - BGinfo 报告域名错误

我正在尝试查找我遇到的组策略部署问题。

问题是与域相关的 GPO 被过滤掉了。我们最近将我们的域从以下名称重命名:康托索至:lan.CONTOSO.com(Netbios 名称为:CONTOSO且不变)。

我开始调查,问题的第一个迹象是运行 BGinfo 时 - 我们仍然看到登录域机器领域CONTOSO这不是我想看到的:lan.CONTOSO.com

如果我运行:GPresult,我看到的域是:lan.CONTOSO.com(以及正确的 DC、OU 值)

  • 所有计算机(包括 DC)都出现此错误

那么:我应该在 BGinfo 报告中看到什么?如果它是错误的,如何修复它。

编辑:

以下是:gpresult /h 结果

Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
Created On 24/11/2014 at 11:37:00 AM

RSOP data for CONTOSSO\user.admin on LTLVADMIN1407 : Logging Mode
---------------------------------------------------------------------

OS Configuration:            Member Workstation
OS Version:                  6.1.7601
Site Name:                   SiteIL
Roaming Profile:             N/A
Local Profile:               C:\Users\user.admin
Connected over a slow link?: No


COMPUTER SETTINGS
------------------
CN=LTLVADMIN1407,OU=Laptops,OU=Default,OU=CONTOSSO_Computers,DC=lan,DC=CONTOSSO,DC=com
Last time Group Policy was applied: 24/11/2014 at 10:06:21 AM
Group Policy was applied from:      DC3.lan.CONTOSSO.com
Group Policy slow link threshold:   500 kbps
Domain Name:                        CONTOSSO
Domain Type:                        Windows 2000

Applied Group Policy Objects
-----------------------------
    Default Domain Policy
    SpiceWorks Firewall
    Firewall - Disabled
    Printers
    Sophos Tasks Enabler
    Logon - Enable Verbose State
    WSUS - Default

The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
    Local Group Policy
        Filtering:  Not Applied (Empty)

The computer is a part of the following security groups
-------------------------------------------------------
    BUILTIN\Administrators
    Everyone
    SQLServerMSSQLServerADHelperUser$LTLVADMIN1407
    SophosUser
    BUILTIN\Users
    NT AUTHORITY\NETWORK
    NT AUTHORITY\Authenticated Users
    This Organization
    LTLVADMIN1407$
    System Mandatory Level


USER SETTINGS1
--------------
CN=ADMIN User,OU=IT_Department,OU=CONTOSSO_Users,DC=lan,DC=CONTOSSO,DC=com
Last time Group Policy was applied: 24/11/2014 at 11:05:04 AM
Group Policy was applied from:      DC3.lan.CONTOSSO.com
Group Policy slow link threshold:   500 kbps
Domain Name:                        CONTOSSO
Domain Type:                        Windows 2000

Applied Group Policy Objects
-----------------------------
    Default Domain Policy
    Drive Mappings
    Printers

The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
    SpiceWorks Firewall
        Filtering:  Not Applied (Empty)

    Local Group Policy
        Filtering:  Not Applied (Empty)

    Sophos Tasks Enabler
        Filtering:  Not Applied (Empty)

    Logon - Enable Verbose State
        Filtering:  Not Applied (Empty)

    Firewall - Disabled
        Filtering:  Not Applied (Empty)

    WSUS - Default
        Filtering:  Not Applied (Empty)

The user is a part of the following security groups
---------------------------------------------------
    Everyone
    HelpLibraryUpdaters
    SophosUser
    SophosAdministrator
    BUILTIN\Users
    BUILTIN\Administrators
    NT AUTHORITY\INTERACTIVE
    CONSOLE LOGON
    NT AUTHORITY\Authenticated Users
    This Organization
    LOCAL
    High Mandatory Level

这是计算机上的 UserDnsDomain

C:\Users\user.admin>echo %UserDnsDomain%+
LAN.CONTOSO.COM+

我所指的 GPO 甚至没有显示在列表中:它是一个登录脚本,是一个用户配置值。

在此处输入图片描述

在此处输入图片描述

GPO信息

在此处输入图片描述

组策略建模

我认为问题就在这里,我的用户名定义为:CONTOSSO\user 用户容器定义为:lan.contoso.com\contoso_users。我需要的 GPO 也没有显示。

在此处输入图片描述

问题可能出在 Netbios 名称?缓存值?

在此处输入图片描述

答案1

您需要将 GPO 链接到领域也一样。

将您的 GPO 拖到您想要应用的域(将其添加到“位置”)

在此处输入图片描述

相关内容