Group policies across Multiple Subnets

[Anthony]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

I am having a problem pushing down group policies across multiple
subnets.

I have one site with multiple subnets. On subnets other than the one
where the DC resides, policies are not pushed down.

I have applied policies to containers in AD users and computers. I
know that policies can be applied directly to the site in AD sites and
services.

How will this affect the policies that I have already applied? I
asusme that this will apply all policies to all users and computers in
this site and I do not want that.

Any advice would be great!!!

Anthony

 

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

Replied on m.p.win2000.active_directory. Please don't multipost

--
--
Brian Desmond
Windows Server MVP
desmondb@payton.cps.k12.il.us

Http://www.briandesmond.com


"Anthony" <Anthony@discussions.microsoft.com> wrote in message
news:E5A3616A-44A1-4163-8601-FFBEFB9982E5@microsoft.com...
> I am having a problem pushing down group policies across multiple
> subnets.
>
> I have one site with multiple subnets. On subnets other than the one
> where the DC resides, policies are not pushed down.
>
> I have applied policies to containers in AD users and computers. I
> know that policies can be applied directly to the site in AD sites and
> services.
>
> How will this affect the policies that I have already applied? I
> asusme that this will apply all policies to all users and computers in
> this site and I do not want that.
>
> Any advice would be great!!!
>
> Anthony

 

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

Anthony wrote:
> I am having a problem pushing down group policies across multiple
> subnets.
>
> I have one site with multiple subnets. On subnets other than the one
> where the DC resides, policies are not pushed down.
>
> I have applied policies to containers in AD users and computers. I
> know that policies can be applied directly to the site in AD sites and
> services.
>
> How will this affect the policies that I have already applied? I
> asusme that this will apply all policies to all users and computers in
> this site and I do not want that.
>
> Any advice would be great!!!
>
> Anthony

Hello Anthony,
I had this very same issue before. The problem seems to lie in your
network configuration. Try to see if clients on other subnets are able
to ping your DC. If not, then open ICMP between subnets( allowing only
server pings. Then try to see if GPO take effect.
If so, try running dcdiag and netdiag....this should point you to the
right direction, maybe DNS issue or some other problem.
HTH,
Altria

 

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

you have to add the different subnets into the site settings in Active
Directory Sites and Services.

go down to subnets, add an entry for each subnet, and point them to the site
associated with the DC that you want them to connect to. wait 30min
(depending on your site replication settings) to make sure everything has
replicated and then run gpupdate /boot on the problem machines. that should
solve the problems


"Altria" <urbantec92@msn.com> wrote in message
news:OokY7at5EHA.2624@TK2MSFTNGP11.phx.gbl...
> Anthony wrote:
>> I am having a problem pushing down group policies across multiple
>> subnets.
>>
>> I have one site with multiple subnets. On subnets other than the one
>> where the DC resides, policies are not pushed down.
>>
>> I have applied policies to containers in AD users and computers. I
>> know that policies can be applied directly to the site in AD sites and
>> services.
>>
>> How will this affect the policies that I have already applied? I
>> asusme that this will apply all policies to all users and computers in
>> this site and I do not want that.
>>
>> Any advice would be great!!!
>>
>> Anthony
>
> Hello Anthony,
> I had this very same issue before. The problem seems to lie in your
> network configuration. Try to see if clients on other subnets are able to
> ping your DC. If not, then open ICMP between subnets( allowing only server
> pings. Then try to see if GPO take effect.
> If so, try running dcdiag and netdiag....this should point you to the
> right direction, maybe DNS issue or some other problem.
> HTH,
> Altria