Wizzykin Posted July 27, 2006 Share Posted July 27, 2006 Here's my deal. I got Server 2003 so that I could mess around with it and basically learn a bunch at home. I'm in college right now for this sort of stuff - but we haven't really learned this yet...anyway - here's the problem.Some changes I make on the 2003 machine have no effect on the XP machine.They're on different computers. I've added the XP Pro machine to the 2003 domain...now - here's an example.I want to make it so users can change the system time...when i go to the "Domain Security Settings" and enable it for "Everyone" (or even specifically put in the user name I'm using to log on with), it doesn't even effect the XP machine. Instead, i have to go to the local XP settings (with an administrator log on) and change the local policy setting there - then users can change the system time.Is there some way to over ride that? It doesn't make sense to me that there would be an option on the 2003 server if it's not going to override the XP machine's local settings. Link to comment Share on other sites More sharing options...
allen2 Posted July 27, 2006 Share Posted July 27, 2006 If you're speaking about a GPO on the 2003, it should work after doing a gpupdate on the XP and/or a reboot.Other than that, all security settings about time i can see would affect the 2003. Link to comment Share on other sites More sharing options...
nitroshift Posted July 27, 2006 Share Posted July 27, 2006 Make sure that you log into the domain with the xp machine and that the user account is set in the server machine. In rest, any changes made in the GPO on the server will affect the way the xp machine will behave. Link to comment Share on other sites More sharing options...
Wizzykin Posted July 27, 2006 Author Share Posted July 27, 2006 I am :\ not workingI tried making a new OU - then added the user to that... I made a policy in there even with "Everyone" allowed to change system time...logged on to the XP machine with the user name from that unit and it still doesn't let me change the time.Is it possible that if it's not a roaming profile - it won't work?I just tried something else and no luck. I went to the user screen and clicked the "make user change password at next login" thing - and then went to log on with the XP machine and didn't have to change my password... perhaps something's not working properly? Link to comment Share on other sites More sharing options...
fizban2 Posted July 27, 2006 Share Posted July 27, 2006 it sounds like you are not logging into the domain or are not connected to the domain, make sure that you are logginging into the domain and not the local machine, at the logon screen hit the options button to display where the machine is logging into, this should be set to the Domain you create on the server 2003 machine Link to comment Share on other sites More sharing options...
stickzilla Posted July 27, 2006 Share Posted July 27, 2006 As an addendum to what Fizban said -To make sure you are receiving your GPOs, once you have logged in, go to your command prompt and entergpresultit will then display what GPOs are applied as well as other information that will let you know if you are properly talking with your DC or not Link to comment Share on other sites More sharing options...
fizban2 Posted July 27, 2006 Share Posted July 27, 2006 As an addendum to what Fizban said -To make sure you are receiving your GPOs, once you have logged in, go to your command prompt and entergpresultit will then display what GPOs are applied as well as other information that will let you know if you are properly talking with your DC or not thanks stick, forgot about that Link to comment Share on other sites More sharing options...
Wizzykin Posted July 28, 2006 Author Share Posted July 28, 2006 Kind of figured out what happened. It's not a roaming profile - so the first time I logged on, I was ok - but after that it seemed it wasn't connecting to the server, but it loading ok because the profile was stored locally on the machine.I tried making a new name and can't connect to the server with it to save my life... freaking thing.I uninstalled AD and reinstalled it... then I joined the domain with the computer again... XP restarted and now I can't log on with the login because the domain apparently isn't available... still trying to figure out what the hell the problem is with it :\why it would add itself to the domain in the first place, then say the domain isn't available after the restart is beyond me. Link to comment Share on other sites More sharing options...
nitroshift Posted July 28, 2006 Share Posted July 28, 2006 (edited) This is what you have to do (your server must be running at all times while doing this):1. In the AD create the user logon name of the XP machine.2. Set whatever policies you want in GPO.3. Log into the XP machine as administrator (or another user with administrative rights).4. Under My Computer ---> Properties ---> Computer Name ---> Change, set the domain you created in the server.5. Restart the XP machine when prompted.6. After reboot, when you are presented with the "Press Ctrl+Alt+Del" popup click on "options" and choose the domain to log onto, not the local machine and instead of administrator type the user name that you have set in the AD.This would be pretty much all you need to do. You may also need to make sure that the cables connecting the 2 pc's are ok and they are in the same IP class / subnet mask.Regards,nitro Edited July 28, 2006 by nitroshift Link to comment Share on other sites More sharing options...
fizban2 Posted July 28, 2006 Share Posted July 28, 2006 check to make sure that the hardware is working too either the 2 computers are connected or through a switch or HUB Link to comment Share on other sites More sharing options...
Wizzykin Posted July 29, 2006 Author Share Posted July 29, 2006 It finally connected... it seems like it's just a crapshoot.Basically I just kept trying to join the domain and it kept failing... then finally it worked... now it seems fine.So - I've got a roaming profile going. But it seems to still not be taking in some of the options.It took in the new password settings fine (I changed them to test it out) - but other things still just won't work - like allowing the user to change system time...I type gpresult and I get:Getting the SID information...Info: The Policy Object Does Not ExistNot sure what that means... Some policies take place - like I said, the password policy changes worked. Link to comment Share on other sites More sharing options...
Wizzykin Posted July 29, 2006 Author Share Posted July 29, 2006 This is confusing me. Perhaps I'm not applying policies right?I created a new user name. I set the profile path to \\server\profiles\jmaddenI logged onto the XP machine with the name, made some changes, and logged back off. It created the folder to my 2003 machine and saved it... So, I know I logged onto the domain properly.However - when i do that gpresult thing (after doing gpupdate), I always get that "Policy Object Does Not Exist"I tried the same thing on the server machine and I got a ton of information... but it always fails on the XP machine.I made the user name and changed nothing but the profile path - i left the generic "users" membership thing it does.Then i went to start->programs->admin tools->domain security policythen I changed stuff around in there. The password stuff works - since it has to read that to log on, I suppose (I made the user have to change their password, and the restrictions worked)...I also went to the users/computers screen and right clicked on mytestdomain then his properties and edited the generic group policy "default domain policy". Now - those changes worked on the 2003 machine - but still didn't effect the XP machine at all when I logged on.I'm trying to set things to learn - but it's not going so well hahaI want to allow the user to set the system time, not be able to change their desktop wallpaper, etc... I can set the settings - and they work locally on the 2003 machine - but not when I log onto the XP machine. Although, I made a new name - so I know i'm logging onto the domain fine, because there wouldn't be a profile locally for it to log on with. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now