Hey everyone! We're currently testing the Microsoft Windows 10 Security Baseline Group Policy Objects (GPOs) in our Active Directory using a test device. Most GPOs apply without any issues, but we've hit a snag with a couple of User Configuration GPOs that aren't working. The ones we're struggling with are:
- MSFT Internet Explorer 11 – User
- MSFT Windows 10 2004 – User
The device is properly domain-joined, and other GPOs function as expected. I'm puzzled about why these two specific GPOs aren't applying. What steps can we take to identify the root cause? Any advice on what we should check would be greatly appreciated!
3 Answers
Since we already enabled loopback processing and applied all CIS GPOs, including user ones directly to the device's OU, we definitely want those user GPOs to apply as well. Does anyone have insights on how we could make that happen?
It sounds like you might be trying to apply a User GPO to a device that doesn't have loopback processing enabled. You could try using the Resultant Set of Policy (RSOP) tool to see how policies are being applied to your user and machine setup.
Be cautious when enabling loopback processing unless you're clear on what it entails. It's okay for a test machine that you're planning to reset, but just remember that in a real deployment, it's the users who will be impacted, not the devices. Instead, I suggest creating test users in a separate Organizational Unit (OU) and applying the GPOs there for proper testing.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures