
I am trying to locate a group policy deployment issue I have.

The problem is that domain-related GPOs are filtered out. We renamed our domain lately from CONTOSO to lan.CONTOSO.com (the NetBIOS name is CONTOSO and unchanged).

I started to investigate, and the first sign of a problem is when running BGInfo: we still see CONTOSO in LOGON DOMAIN and MACHINE DOMAIN, and not what I would think I want to see: lan.CONTOSO.com

If I run GPResult, the domain I see is lan.CONTOSO.com (as well as correct DC and OU values).

  • This error is all over the computers (including the DC)

So: what should I see in the BGInfo report? And how do I fix it, if it's wrong?

EDIT:

Here are the gpresult /h results:

Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
Created On 24/11/2014 at 11:37:00 AM

RSOP data for CONTOSSO\user.admin on LTLVADMIN1407 : Logging Mode
---------------------------------------------------------------------

OS Configuration:            Member Workstation
OS Version:                  6.1.7601
Site Name:                   SiteIL
Roaming Profile:             N/A
Local Profile:               C:\Users\user.admin
Connected over a slow link?: No


COMPUTER SETTINGS
------------------
CN=LTLVADMIN1407,OU=Laptops,OU=Default,OU=CONTOSSO_Computers,DC=lan,DC=CONTOSSO,DC=com
Last time Group Policy was applied: 24/11/2014 at 10:06:21 AM
Group Policy was applied from:      DC3.lan.CONTOSSO.com
Group Policy slow link threshold:   500 kbps
Domain Name:                        CONTOSSO
Domain Type:                        Windows 2000

Applied Group Policy Objects
-----------------------------
    Default Domain Policy
    SpiceWorks Firewall
    Firewall - Disabled
    Printers
    Sophos Tasks Enabler
    Logon - Enable Verbose State
    WSUS - Default

The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
    Local Group Policy
        Filtering:  Not Applied (Empty)

The computer is a part of the following security groups
-------------------------------------------------------
    BUILTIN\Administrators
    Everyone
    SQLServerMSSQLServerADHelperUser$LTLVADMIN1407
    SophosUser
    BUILTIN\Users
    NT AUTHORITY\NETWORK
    NT AUTHORITY\Authenticated Users
    This Organization
    LTLVADMIN1407$
    System Mandatory Level


USER SETTINGS1
--------------
CN=ADMIN User,OU=IT_Department,OU=CONTOSSO_Users,DC=lan,DC=CONTOSSO,DC=com
Last time Group Policy was applied: 24/11/2014 at 11:05:04 AM
Group Policy was applied from:      DC3.lan.CONTOSSO.com
Group Policy slow link threshold:   500 kbps
Domain Name:                        CONTOSSO
Domain Type:                        Windows 2000

Applied Group Policy Objects
-----------------------------
    Default Domain Policy
    Drive Mappings
    Printers

The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
    SpiceWorks Firewall
        Filtering:  Not Applied (Empty)

    Local Group Policy
        Filtering:  Not Applied (Empty)

    Sophos Tasks Enabler
        Filtering:  Not Applied (Empty)

    Logon - Enable Verbose State
        Filtering:  Not Applied (Empty)

    Firewall - Disabled
        Filtering:  Not Applied (Empty)

    WSUS - Default
        Filtering:  Not Applied (Empty)

The user is a part of the following security groups
---------------------------------------------------
    Everyone
    HelpLibraryUpdaters
    SophosUser
    SophosAdministrator
    BUILTIN\Users
    BUILTIN\Administrators
    NT AUTHORITY\INTERACTIVE
    CONSOLE LOGON
    NT AUTHORITY\Authenticated Users
    This Organization
    LOCAL
    High Mandatory Level

Here is the UserDnsDomain on the computer:

C:\Users\user.admin>echo %UserDnsDomain%+
LAN.CONTOSO.COM+

The GPO I refer to is not even shown in the list. It's a logon script, which is a user configuration value.

GPO Info


Group policy Modelling

I think here lies the problem: my username is defined as CONTOSSO\user and the user container as lan.contoso.com\contoso_users. The GPO I need is not shown either.

Maybe the problem lies in the NetBIOS name? A cached value?

Saariko
  • Four of your questions are now related to this domain rename - I certainly hope this stands as an example to you and others that a domain rename is a dangerous and complicated task which is rarely worth it. – Dan Nov 24 '14 at 10:24
  • Believe me. I ain't gonna do another rename in the near future. – Saariko Nov 24 '14 at 10:25
  • Anyway, to help fix this issue we're going to need more details. How do you know they're being filtered out - what does GPResult /r actually say exactly? Can you create a new GPO, does that work? – Dan Nov 24 '14 at 10:35
  • Are you perhaps looking for the variable USERDNSDOMAIN? – pauska Nov 24 '14 at 10:37
  • This is a guess, but those GPOs are being filtered because they're empty. Additionally, the names look very "Computer Policy" to me. Are you sure they have anything in the user settings? And you've definitely not switched them to "User Policy Only"? – Dan Nov 24 '14 at 11:24
  • If the GPO isn't shown in that list then it's not been filtered - it's not even attempting to process it. Are you sure it's linked to the correct OU etc? What does Group Policy *Modelling* show? *Should* it apply? – Dan Nov 24 '14 at 11:50
  • What you've shown isn't modelling - you've done another GPResult – Dan Nov 24 '14 at 12:13
  • I'm not convinced this is anything to do with your rename at all - feels like a Group Policy config issue. Start from scratch and make sure this GPO is configured and linked correctly – Dan Nov 24 '14 at 13:29
  • And why are you enforcing all your GPOs - this is a pet hate of mine, because I suspect it doesn't mean what you think it means. – Dan Nov 24 '14 at 13:35

1 Answer


You need to link the GPO to the Domain as well.

Drag your GPO to the domain you want it to apply to (this adds that to the "Location").

Saariko
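
The checks raised in the comments and the fix in the answer (is the GPO linked in scope of the user's container, is its user half enabled, who may apply it) can be run from PowerShell with the GroupPolicy module. This is an added example, not part of the original posts; the GPO name is a placeholder because the page does not give it, and the DN is the one from the gpresult output above.

```powershell
# Added example. Requires the GroupPolicy module (GPMC / RSAT) and rights to read GPOs.
Import-Module GroupPolicy

# Assumptions: placeholder GPO name; user DN copied from the gpresult output in the question.
$GpoName = '<logon script GPO name>'
$UserDn  = 'CN=ADMIN User,OU=IT_Department,OU=CONTOSSO_Users,DC=lan,DC=CONTOSSO,DC=com'

# The container that GPO links are evaluated against is the DN minus its first RDN.
# (Simple split; a CN containing an escaped comma would need a real DN parser.)
$Container = $UserDn -replace '^[^,]+,', ''

# 1. Links in scope for that container, direct and inherited, in precedence order.
$inheritance = Get-GPInheritance -Target $Container
"Inheritance blocked on ${Container}: $($inheritance.GpoInheritanceBlocked)"

$link = $inheritance.InheritedGpoLinks | Where-Object { $_.DisplayName -eq $GpoName }
if ($link) {
    $link | Format-Table DisplayName, Target, Enabled, Enforced, Order -AutoSize
} else {
    # Matches the symptom in the question: the GPO is absent from both the
    # "applied" and the "filtered out" lists because no link brings it into scope.
    Write-Warning "'$GpoName' is not linked at or above $Container."
}

# 2. A logon script lives under User Configuration, so the user half must be enabled.
$gpo = Get-GPO -Name $GpoName
"GpoStatus: $($gpo.GpoStatus)"   # UserSettingsDisabled or AllSettingsDisabled suppresses it

# 3. Security filtering: trustees holding the Apply right on the GPO.
Get-GPPermission -Name $GpoName -All |
    Where-Object { $_.Permission -eq 'GpoApply' } |
    Select-Object @{ n = 'Trustee'; e = { $_.Trustee.Name } }, Permission

# 4. The fix described in the answer: link the GPO at the domain root.
#    Left commented out so the script stays read-only by default.
# New-GPLink -Name $GpoName -Target 'DC=lan,DC=CONTOSSO,DC=com' -LinkEnabled Yes
```

Linking at the domain root applies the GPO to every user and computer in the domain that passes security filtering, so review the output of step 3 before uncommenting step 4.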