GPO on Windows Server 2012 R2 is not working with Windows 10 computers. A friend of mine set up a new environment with a domain controller and Windows 10 workstations. Users had no access to their desktops and could not even delete the icons on their PCs, and giving them local admin access did not fix the issue. They also ran into password policy issues: when a user tried to change their password to one that met all the complexity requirements of the current policy, they got an error message saying it was not complex enough and did not have enough characters.
A normal health check reported no issues. The Default Domain Policy had all the necessary settings, but they were not reaching the Windows 10 machines. While troubleshooting, it turned out that the Windows 10 Group Policy templates had not been imported to their Windows Server 2012 R2 domain controllers, so the local logon DC could not even communicate with the Windows 10 machines via GPO.
How to check whether GPOs from the DC are applied on a Windows 10 system
Use gpresult /v to get a detailed report of all applied policies.
Use the RSOP.MSC tool to check the same in a GUI. RSoP is an easy tool that shows all applied settings and which policy each one comes from.
If a policy is not applied at all, find out why. In the issue above, the Windows 10 GPO templates were not available on the domain controllers, which was causing the issue.
To resolve the issue
Add the new Windows 10 admx files to the Group Policy Central Store and then deploy them to fix the issue.
You need the Windows 10 templates to edit Windows 10 related settings/policies in GPMC, and all your domain controllers should have the Windows 10 admx files in their Group Policy Central Store to avoid issues like this.
Follow these steps:
- Download the new Windows 10 templates
- Extract the admx and adml files
- Copy them to the Group Policy Central Store
- Create new GPOs with the new settings
- Check the settings that were implemented
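The copy and check steps above can be scripted. This is an added example, not part of the original post: it copies extracted templates into the Central Store under the domain's SYSVOL share and confirms by hash that every file arrived. The source folder is an assumed path; point it at wherever the downloaded templates were extracted.

```powershell
# Added example: copy extracted Windows 10 templates into the Central Store and verify.
# $Source is an assumed folder holding the extracted .admx files and the language
# subfolders (for example en-US) with .adml files. Needs write access to SYSVOL.
param(
    [string]$Source = 'C:\Temp\Win10-PolicyDefinitions',  # assumption, adjust
    [string]$Domain = $env:USERDNSDOMAIN                   # DNS name of the AD domain
)
$ErrorActionPreference = 'Stop'

$Source  = (Resolve-Path $Source).Path.TrimEnd('\')
$central = "\\$Domain\SYSVOL\$Domain\Policies\PolicyDefinitions"

# Create the Central Store folder on first use (no error if it already exists)
New-Item -Path $central -ItemType Directory -Force | Out-Null

# Copy every template, keeping the language subfolder layout
$templates = Get-ChildItem -Path $Source -Recurse -File -Include *.admx, *.adml
foreach ($file in $templates) {
    $relative = $file.FullName.Substring($Source.Length + 1)
    $target   = Join-Path $central $relative
    New-Item -Path (Split-Path $target -Parent) -ItemType Directory -Force | Out-Null
    Copy-Item -LiteralPath $file.FullName -Destination $target -Force
}

# Verify: each source file must exist in the Central Store with the same SHA-256
$bad = foreach ($file in $templates) {
    $relative = $file.FullName.Substring($Source.Length + 1)
    $target   = Join-Path $central $relative
    if (-not (Test-Path -LiteralPath $target) -or
        (Get-FileHash -LiteralPath $file.FullName).Hash -ne
        (Get-FileHash -LiteralPath $target).Hash) {
        $relative
    }
}

'{0} templates processed, {1} missing or different in {2}' -f
    @($templates).Count, @($bad).Count, $central
$bad
```

After SYSVOL has replicated, gpresult /v on a Windows 10 client shows whether the policies now apply.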
Check UNC hardening for the NETLOGON and SYSVOL shares in the registry
UNC hardening is enabled by default in Windows 10, which might be causing the issue; in that case you will get event ID 1058 with error code 53 (The network path was not found). Use the registry settings below to disable UNC hardening in Windows 10:
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths
Value name: "\\*\SYSVOL", value data: "RequireMutualAuthentication=0"
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths
Value name: "\\*\NETLOGON", value data: "RequireMutualAuthentication=0"
Microsoft fixed this issue with a patch
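Setting RequireMutualAuthentication=0 turns off the mutual authentication requirement for those shares, so it helps to know which machines carry the relaxed value and whether event ID 1058 is actually being logged. The check below is an added example, not part of the original post; the function names are hypothetical, and RequireIntegrity is reported as well because the same value data can carry it.

```powershell
# Added example: report the UNC hardening state of SYSVOL and NETLOGON on this machine.
$key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths'

function ConvertFrom-HardenedPathData {
    # Hypothetical helper: "RequireMutualAuthentication=1, RequireIntegrity=1" -> hashtable
    param([string]$Data)
    $settings = @{}
    foreach ($pair in ($Data -split ',')) {
        $name, $value = $pair.Trim() -split '=', 2
        if ($name) { $settings[$name.Trim()] = "$value".Trim() }
    }
    $settings
}

function Get-HardenedPathState {
    param([string[]]$Paths = @('\\*\SYSVOL', '\\*\NETLOGON'))
    # Read all values at once, then pick by exact name (the names contain a * character)
    $values = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    foreach ($path in $Paths) {
        $prop = if ($values) { $values.PSObject.Properties[$path] }
        $data = if ($prop) { [string]$prop.Value } else { '' }
        $set  = ConvertFrom-HardenedPathData $data
        [pscustomobject]@{
            Path       = $path
            Data       = if ($data) { $data } else { '(not configured, OS default applies)' }
            MutualAuth = $set['RequireMutualAuthentication']
            Integrity  = $set['RequireIntegrity']
            # True when a policy value explicitly switches a requirement off
            Relaxed    = ($set['RequireMutualAuthentication'] -eq '0') -or
                         ($set['RequireIntegrity'] -eq '0')
        }
    }
}

Get-HardenedPathState | Format-Table -AutoSize

# Event ID 1058 from the Group Policy client, the symptom named above
$filter = @{
    LogName      = 'System'
    ProviderName = 'Microsoft-Windows-GroupPolicy'
    Id           = 1058
}
Get-WinEvent -FilterHashtable $filter -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message
```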