Cyrius Posted May 2, 2012 Share Posted May 2, 2012 Hi,I have a policy created for my new WSUS install, which contains basically all endpoint client computers. All the GPO does is set the update interval and point to my intranet WSUS server.The issue I am having is that I created a security group in AD which contains all of my endpoints that I plan on pointing to the WSUS server, but only a handful of my approximately 50 endpoints are actually picking up the policy.I had read somewhere that this could be a DNS issue, so I checked there. There were duplicate entries for my DC, but removing the duplicates did not change anything.Also, to be clear I used Computers, not Users in the group. I had made that mistake already. Link to comment Share on other sites More sharing options...
fizban2 Posted May 3, 2012 Share Posted May 3, 2012 what OS is running on the endpoints? for XP run gpupdate /r then gpresult on the endpoint for windows 7 or 8, from an elevated command line run gpupdate /r then a gpresultyou should see your group policy listed in the resulting list of group policies applied to the machine. If not run a group policy modeling wizard from the GPMC console on one the machines that should be getting the policy. at that point you may have to turn on verbose logging on the machine for GPO if it applying but reciving the settings. Link to comment Share on other sites More sharing options...
Cyrius Posted May 3, 2012 Author Share Posted May 3, 2012 Gpupdate didnt do anything, that is part of the reason I was worried. BUT the systems started to fill in. It just took two days.Upon researching why it appears this particular type of policy requires a full reboot, and two at that. One to initiate the change and one to apply it is how I read it described.They also suggested requiring full network credentials instead of cached credentials but I did not do that because many of our users use laptops, and i did not want to potentially stop offsite logins. (Computer config -> Policies -> Adm. Templates -> System -> Logon -> 'Always wait for the network at computer startup and login')Sorry to waste your time! At least this may help someone else who is in panic mode like I was. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now