Refreshing Group Policy Settings Windows Server 2003

Active Directory
Microsoft Windows
SQL Server
I have been recenlty been configuring my group policies for various OUs and at first I thought I was doing something wrong because none of the settings would work, but I think maybe they are just taking awhile to apply to the computer. Is there a way to make them refresh faster? I rebooted the client 10 times and ran gpupdate /force on the DC. Eventaully he settings applied. The workstation is running Windows XP and the DC has Server 2003. Does windows XP cache the policy or something?

Answer Wiki

Thanks. We'll let you know when a new response is added.

I see different possible reason:
– Network issues: DNS / slow speed (you can configure the update depending the net speed, is this setting done?)
– The gpupdate /force must be run on the client, not on the DC
– You set user level GPo on a OU containing only computers, or the reverse.
– …

I hope it will help you a little bit… (I am not a GPo Guru, I’m more a GPo “normal” user)

Discuss This Question: 5  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Tmac24
    I actually just went through some ething very similiar. It endedup the sysvol was in a journal wrap state. Do you have multiple DCs? Check the File Replication logs to see if there are any errors. Make sure replication is occuring. dcdiag, Netdiag and replmon are excellent tools to trouble shoot replication errors. Also look at the event logs on the client machines. Check to see if you have erros mentioning the policy not being found.
    0 pointsBadges:
  • BIGFella
    skepticals, Are your switches running STP? as this can cause GPO's not to process if fast logon optimisation is enabled, or multiple reboots are required bofore the GPO applies. Try disabling the fast logon optimisation on an OU (that has a computer and user account in it) using the following GPO setting:- Computer Config/Admin templates/system/logon :- Always wait for the network at computer startup & logon = enabled. To make group policy refresh quicker the following GPO setting can be changed (this only affects workstations or servers that are allready fired up and logged on to the network either by user or computer authentication: - Computer config/Admin templates/system/group policy :- Group policy refresh interval for computers, Group policy refresh interval for domain controllers. Default computer refresh = every 90 mins Default domain controller refresh = every 5 mins (recommend that you don't change this setting due to network overheads).
    0 pointsBadges:
  • Jcan123
    Actually the client (XP)is cahing the group policy locally. The client is looking at the version number of the group policy to check wether an update is necessary (you can update the version number in the group policy files on the SYSvol share on the DC if you want to). Another thing - when you edit a Group Policy then you (default) edit it on the PDC emulator and changes have to replicate to other DC's from there. So maybe you have a latencey until changes have been replicated to the DC you're using for logon ( ex because of site relationsship) or DNS preferences set on the SRV record. You can trigger INTRA site replication through "Active directory Sites and Services".
    0 pointsBadges:
  • Titatius
    I recently had this problem as well, and was completely baffled as to why I couldn't force the gp update when I was working from the DC. It turned out that I had to close the policy editor AND AD Users & Computers MMC to get the changes to update immediately. (I was editing policies from AD Users & Computers.) Once I closed the MMC I could use gpupdate on the client to refresh the policy immediately. HTH, -T
    0 pointsBadges:
  • Skepticals
    titatius, I believe you are correct because my problem has seemed to 'fix itself'. I wasn't sure why, but I also leave the editors open. This is probably what my problem was. Everything seems to be working now. I have a simple setup in a test environment of a small switch, the DC, and two workstations; so the other suggestions I think are two complex for my environment. Thanks to everyone who responded. I am keeping this informations for when I go live.
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: