Re: After enabling GPO, client pc needs synchronization
- From: David <David@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 14 Jul 2006 21:28:01 -0700
Wow, this is very interesting and important!! completely new for me. Thank
you Steve for all the helps! By the way, I read all the links you send me
and they are all helpful. I was using folder redirection and roaming profile
together but got some concepts unclear. Now I understand more and I will
also implement DFS as one of the article advise.
Best Regards,
-David
"Steven L Umbach" wrote:
Sure David. Read the KB article below and it will explain the importance of.
correct DNS configuration. In an Active Directory domain DNS is used as a
resource locator such as to find domain controllers, etc in addition to host
name resolution.
Steve
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382
DNS is the backbone of Active Directory and the primary name resolution
mechanism of Windows 2000 and Windows Server 2003. Windows 2000 and Windows
Server 2003 domain controllers dynamically register information about
themselves and about Active Directory in DNS. Other Windows 2000 and Windows
Server 2003 domain controllers, servers, and workstations that are part of
the domain query DNS to find Active Directory-related information. If DNS is
not set up correctly, domain-wide issues can occur such as replication
between domain controllers. You may also be unable to log on to the domain
or to join the domain from a workstation or server.
Question: What are the common mistakes that are made when administrators set
up DNS on network that contains a single Windows 2000 or Windows Server 2003
domain controller?
Answer: The most common mistakes are: . The domain controller is not
pointing to itself for DNS resolution on all network interfaces.
. The "." zone exists under forward lookup zones in DNS.
. Other computers on the local area network (LAN) do not point to the
Windows 2000 or Windows Server 2003 DNS server
"David" <David@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EEBD0BF2-EDFB-4208-9025-7586344DCBFF@xxxxxxxxxxxxxxxx
Steve,
Thanks again for the reply. The reason I use roaming profile is that I
like
its feature to cache user settings, such as Outlook cached email
addresses.
One of the key points in your email indicates "GP problems are often a
result of incorrect DNS configuration - that domain pcs are not pointing
to
DCs ONLY as their DNS servers." Unfortunately, this is exactly the case
for
our network. Do you have any web articles to support your idea? such as
from Microsoft? (I am sorry to say that. It's not that I don't trust you
but I would like to do more research on this). I am reading the links
you
are sending me and I am sure I will get more info out of them. Thanks
you!
-David
"Steven L Umbach" wrote:
I have not used offline files enough to know how well it works or does
not
work with roaming profiles but I would say you may want to consider
trying
to use redirected folders instead of roaming profiles unless you have a
particular need for roaming profiles. With redirected folder's the users
entire My Documents folders, etc does not need to be downloaded locally
to
the computer they logon to. If you want more info on that compared to
roaming profiles you may want to post in the setup_deployment newsgroup.
The links below explain redirected folders more.
As far as Group Policy troubleshooting you can use rsop.msc on the client
computer or run the mmc snapin for Resultant Set of Policy on a Windows
2003
domain controller to see what Group Policy settings are being applied to
the
computer and user and from what Group Policy. Group Policy problems are
often a result of incorrect DNS configuration in the domain in that
domain
controllers are not pointing only to themselves and possibly another
domain
controller as their DNS servers and that domain computers are not
pointing
to domain controllers ONLY as their DNS servers. Running the support tool
netdiag on domain controllers and domain computers will often reveal
problems, if they exist, that can affect Group Policy as can looking in
the
application log via Event Viewer for events such as userenv related that
indicate a domain controller can not be located.
Another common problem with Group Policy application is that the computer
or
user in question is not in a container/OU that the Group Policy is
applied
to. The support tool gpresult when run on a domain computer will display
what Group Policies are being applied to the user and computer and from
what
domain controller. When testing Group Policy changes remember it can take
up
to two hours for Group Policy changes to propagate to a domain computer.
To
speed that up run the command gpupdate /force on the domain controller
and
then do the same on the domain computer or reboot it. --- Steve
http://www.windowsdevcenter.com/pub/a/windows/2004/08/24/folder_redirect.html
http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html
http://www.microsoft.com/technet/community/newsgroups/upfrfaq.mspx
http://technet2.microsoft.com/WindowsServer/en/Library/60b2157c-aa5b-44f2-b045-b74d2fd1bf701033.mspx?mfr=true
"David" <David@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4FB693F5-0961-4AB9-8865-8B314DCBB1BE@xxxxxxxxxxxxxxxx
Steve,
thanks for the reply. The links are very helpful. Also, I forgot to
mention
I also set up roaming profiles for these users. I wonder if that's why
I
will receive the synchronization message. But on some other users that
I
set
up roaming profiles, these users don't see the synchronization message.
It
also seems my group policies not applied successfully to all machines.
I
will look into the problem futher.
Regards,
-David
"Steven L Umbach" wrote:
It sounds like you have offline files available for users. There are
several
Group Policy settings for offline files for user and computer
including
three for synchronize that you need to review under administrative
templates/network/offline files but make sure you read the full
explanation
of each setting before configuring it. The links below explain more.
Steve
http://technet2.microsoft.com/WindowsServer/en/Library/9dba5df2-0359-4fa4-bdcf-dd6ae5ca345e1033.mspx?mfr=true
http://technet2.microsoft.com/WindowsServer/en/Library/616ca5d0-cc7e-46c9-b00f-1f926506435c1033.mspx?mfr=true
http://www.jsifaq.com/SUBQ/TIP8400/rh8473.htm
"David" <David@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6266AD08-DF4E-43BE-9170-CC93CF2F1A12@xxxxxxxxxxxxxxxx
Hello All,
I recently enabled group policies for my network Win XP comptuers
from
a
Win
2003 DC. After this, I realized when "some" users try to log on to
their
comptuers, the computers have to synchrize the users' mapped network
drives,
and then when users try to log off from their accounts, the
comptuers
have
to
go through the synchronization process again. Users don't want to
work
offline at all time, and don't want to see the synchronization
message.
Sometimes when they open their network drives, the drive is
completely
blank.
I will have to do a manual synchronization before all contents to
show
up.
I have checked my group policy report a couple times, but I don't
see
any
settings related to synchronization. Could you shed some lights on
this
issue? Thank you.
-David
- References:
- Re: After enabling GPO, client pc needs synchronization
- From: Steven L Umbach
- Re: After enabling GPO, client pc needs synchronization
- From: Steven L Umbach
- Re: After enabling GPO, client pc needs synchronization
- From: David
- Re: After enabling GPO, client pc needs synchronization
- From: Steven L Umbach
- Re: After enabling GPO, client pc needs synchronization
- Prev by Date: Re: security centre
- Next by Date: Re: security centre
- Previous by thread: Re: After enabling GPO, client pc needs synchronization
- Next by thread: Re: password problem
- Index(es):
Relevant Pages
|
