MonitorWare Knowledge Base

Hi
I installed Windows 2003 and enabled the Domain Controller feature in it.
Next, I joined a windows xp client(user8) on another computer to this domain and also made a user account (john) in "Active directory users and computers" so the windows xp client be able to log in . I made a OU in my domain with the name "department" and made two other OUs in it with names "Users" and "Computers" and moved john to Users and user8 to Computers.
After that, I wanted to implement group policy on them so right click on "department" and made a new group policy and changed some of them.

But unfortunately when I login with windows xp client in my windows 2003 no policy doesn't apply at all. (for example I choosed to remove run from start menu but it still works )

Any help is respected

Sincerely
Michael Lopez

Hi,

you have come far by yourself. If the policy doesn't seem apply, or something in general doesn't work always perform 2 steps:

1. Wait at least 15 minutes or drink a cup of coffee. All changes made in the AD will need at least 15 minutes to apply, a golden rule.
2. Review the Eventlog for error codes, warnings or other hints that could lead to a problem.

I know this answer is not the solution, but you will have to find some more details on the problem before someone can help you in this case

regards,
Andre

so you mean that I did all of the things correctly

ok I will check the event viewer and post in here

thanks

sincerely
Michael Lopez

Hi

I restarded both server and client but nothinh isn't change (Run still exists in start menu) and suggestions?

Sincerely
Michael Lopez

Yes check the Eventlog on the W2003 Server for error&warnings.

Hi

I checked the event log but any warning or error was not there for any service except my DNS server in the past that wasn't related to this stuff and also w32time in "system" about my time service. One thing that I saw was in security instead of for example "john" in username was written "user8$" is it normal?

and in making users in active directory is any instruction that I should consider?
I added my windows xp client to this domain by using "system"--"Computer name" and after that pushed "change..." button and instead of workgroup which this client blonged before I changed it to domain and wrote my domain name in that place and got a welcome from the domain.
after that I saw that my clients (windows xp) name was added to AD->computers container. then I made a user "john" in users container and moved both of them to an OU which I made before and made a policy for both of them. is any thing wrong with my actions?

how do you do this job ? what instructions do you follow?

My windows 2003 version is 5.2 (3790) with no service pack
sincerely
Michael Lopez.

I am not sure if you have done this, but you will have to logon to the domain with this user on the Windows XP machine, only then policies will be used.

Btw this Link may help you, its about Grouop Policy and there some white papers for download:
http://www.microsoft.com/windowsserver2 ... fault.mspx

Hi
someone told me to check event log in windows xp and so I did and to double check the dns.
I did and knew that my dns configuration for windows xp sp2 was wrong so I changed the primary dns server for that connection to my dns server IP address and All of the thing went right

thank you alorbach for your help.

and now my question is that is only that primary dns server enough for my clients to work correctly, I have some external dns servers (not located in LAN but in internet) can I use them as secondary dns servers for my clients or configure my AD machine dns server to handle them?

www.gpanswers.com --> recommended
Sincerely
Michael Lopez

Hi,

you can either do that or you can configure your main DNS Server to forward queries it can't answer itself to the external DNS Server. This will of course only work if you server is connected to the internet .

best regards
Andre

Hi

I do thank you for your help I will choos the second one