I'm falling my hairs with this domain gpo problem

From: Gerson Brunhara Guimaraes (gersongui@uol.com.br)
Date: 09/22/02

From: "Gerson Brunhara Guimaraes" <gersongui@uol.com.br>
To: <focus-ms@securityfocus.com>
Date: Sat, 21 Sep 2002 20:20:54 -0300

Hi all,
I'm having problem with a domain policy. It doesn't arriving at w2k

configuration: 2 DCīs W2K Server for Domain1 and 2 DC's W2K Server for
Domain2, both with sp3.
I deployed a domain policy (account policies for computer and adm templates
for user). I have tested domain1 policy in several ways and all seemed well.
After one week, I did the same for the 2nd domain, but it was unsucessfull.
I didnīt undertand. I checked domain1 and it unhealth too. The gpresult log
indicated that the domain gpo had been applied, but it wasn't true. I
changed domain gpo, but nothing happened. All alternatives failed.
Then I decided to restart the servers. After this, I saw gpresult log and
only local security policy was explicitly applied. After restart the
servers, only local security policy was showed in the gpresult log (for both
domains). Account policy, age, complexity password are on and ok. Computer
domain policy is going well even nothing more than local policy is showed
into gpresult log.

What I tried?

1. Replmon: ok for all DCīs
2. Gpotool: ok for all policies.
3. Several unsucessfull combinations, disabling the current domain policy
and creating new ones.
4. Two new different user accounts on four different network computers for
each domain.
5. I changed computers name. I removed them from domain and added them
again. Failed too.
6. All event logs are cleaning. No problems related...

When domain1 gpo has been deployed I remember W2K Prof were SP1. Domain2 gpo
was deployed after w2k computers have been elevated to sp3. I donīt know
whether itīs a problem or not.

Any help will be apreciated.