Group Policy Preferences File Copy - Access is Denied on 2003 but not 2008 R2

Similar Messages

• Group Policy client Service Error - Access is denied

  I am
  at domain admin working on windows 7 roaming profiles, testing with a
  staff user.  I am in a domain environment.  I have changed the
  profile path for a user to the folder I created for new windows 7 roaming
  profiles.  gave it all the permissions noted here and followed these steps
  at Microsoft's deploying roaming profiles page for win 7.<o:p></o:p>
  once I logged in the user,
  it created their profile.v2 but I still couldn't access it.  getting
  access denied.  so I went back and changed the staff roaming profile back
  to the original profile path.  didn't make any group policy changes. 
  but now she gets group policy client service failed to logon. access is
  denied.  I have deleted the .v2 profile that win 7 creates in her old
  profile path, moved her profile path back to what is was before testing,
  retested her xp profile which does work and she can login and work. 
  but the win 7 machines no matter where she logs in, will not work.  they
  all give the same error about group policy client service failed.  no
  other users are having this problem

  Hi,
  Regarding the issue here, have you checked the below thread?
  Group
  Policy Client Service Failed the logon - Access Denied: Windows 7 Ultimate/Server 2008 R2
  Please take a try with the steps mentioned by Nina Liu.
  QUOTE here:
  At this time, let’s refer to the following steps for troubleshooting:
  1. Open registry editor on the problematic Windows 7 machine (please log in as domain admin)
  2. Highlight HKEY_USERS, choose File -> Load Hive, browse to the location of one failing roaming profile and open NTUSER.DAT file, click open
  3. Under Key Name, enter any name you like, but remember what you have entered, such as enter "test"
  4. Expand, HKEY_USERS, you should see new registry hive called "test" or any name you entered earlier
  5. Right click on that "test" hive and choose permissions. Confirm that the following users have permissions:
  - Administrators: Full Control
  - SYSTEM: Full Control
  - User (or group) that owns this profile: Full Control
  6. If the permissions were wrong, correct them, then click on Advanced tab, on Advanced tab and enable "Replace permission entries on all child objects with entries
  shown here that apply to child objects" and click Apply.
  7. Highlight "test" registry hive, then click on File -> Unload Hive to release handle on NTUSER.DAT file.
  8. Log off and log on with the failing roaming profile you have just modified.
  Any process, please feel free to contact us.
  Best regards
  Michael Shao
  TechNet Community Support

• Cannot Copy File with Group Policy Preferences

  Hi,
  I am trying to use a Group Policy Preference to copy a simple text file from a network share to a folder at the root of 'C:\' on the clients. It is not happening. I created the preference in the computer section of the GPO. It is set to create, as the file
  does not already exist on the client, with the archive bit on.
  Source: \\server.domain.com\folder\fileshare\file.txt
  Destination: C:\folder
  GPResult shows the clients are getting the GPO, but it seems as if that one setting and another is not being applied. I have no idea why this isn't working when other parts of the GPO are being applied. I read
  the documentation on the Technet page, but I must have missed something.
  Any ideas why this might not be working?
  Thanks
  Jason Watkins MCSE, MCSA, MCDBA, CCNA

  > Computers" has read access. Listing the actual file name in the
  > destination is something I would have never though to do.
  ...unless the path ends with an "\", it IS a file name, so if you had
  "C:\Folder" as the target, check your C:\ drive for a file called
  "Folder" :)
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• Group policy preferences CSE

  Hi,
  I'm in a mixed server infra (2008 and 2003) and would like to deploy GPE for rebooting, I've tried to approve KB9433729 but wsus will not approve as its expired, what is the quickest way to get this update out to the 2003 servers. 

  Hi Ror73,
  After my testing, please download this KB from the followng link and manually install it:
  Group Policy Preference Client Side Extensions for Windows Server 2003 (KB943729)
  Group Policy Preference Client Side Extensions for Windows Server 2003 x64 Edition (KB943729)
  Regards,
  Lany Zhang

• Windows 2008 R2 - Group Policy Preference - folder option "Open with" Access denied

  Similar to this post:
  social.technet.microsoft.com/Forums/en-US/d42a81bc-96de-4af3-bc41-079e88e6ea4a
  We have Citrix terminal servers running Windows 2008 R2 and attempting to force PDF files to open with Acrobat versus PDF editing software we have installed for a small subset of users.  So I created a Group Policy Preference and added a OpenWith item
  to the Folder Options to use Acrobat as the default and linked it to a Users OU.  However, if I run gpresult the OpenWith setting fails with error code 0x80070005.  You can change it to not run in the user's security context which eliminates the
  error but then it won't actually do anything.
  The problem seems to be that when a user sets another program as their default via Windows Explorer the permissions on HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\UserChoice get changed so that the user is specifically
  denied the ability to set that key.  Remove the special permissions added and the group policy succeeds and changes it back to the default ... until the user changes it back (intentionally or otherwise) and the permissions are changed again.
  Any ideas here?

  > Any ideas here?
  We use GPP Registry to achieve this goal, so we do not run into that
  issue (we unchecked "run in users context", so privs are not an issue)
  But I agree, this really should work as intended...
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• Group Policy Preference: Problem Adding Network Locations

  Group Policy Preferences (GPP) do not currently support correctly creating shortcuts in Network Locations/My Network Places the way Windows produces them when you go through the "Add a network location" wizard. Unfortunately, the GPP simply creates a standard shortcut instead of creating a folder that contains target.lnk and desktop.ini (the way the "Add a network location" wizard does).
  I was curious to know when the GPP engine will be updated to correctly add Network Locations the way the "Add a network location" wizard does?
  Thanks.

  Talfr77,
  I would like to know what environment you tried this under.  I made policy like you described on a 2012 domain controller and the resulting shortcut worked fine on windows 8 clients and on the 2012 servers.
   However, the 2008 servers and windows 7 clients didn't work.  They simply got a folder with two files.   It would appear that the format of the target.lnk file may be different between versions of windows.  I took a target.lnk from a
  working shortcut made on a 2008 server and put in on a 2012 server and the result was it not recognizing the shortcut.
  It is also worth noting for anyone who wants to try this method, that in step 2 of Talfr77's directions he says to copy the desktop.ini file using the GPP file copy function to the subfolder with the target.lnk file.  He didn't mention how to accomplish
  that.   You can store the desktop.ini file anywhere on your network as long as the UNC path to it is accessible to the user.  I suggest you store it right in a subfolder of the GPO in the sysvol to keep things tidy.  So that UNC would be the
  source path. (example would be \\domain.local\SYSVOL\domain.LOCAL\Policies\{020DBAF4-2631-4246-8811-DE02F7613959}\desktop.ini) The destination path will be %appdata%\Microsoft\Windows\Network Shortcuts\<Subfolder name>\desktop.ini
  The same goes for his step 3 where you edit the folder attributes.  The folder you want to edit is %appdata%\Microsoft\Windows\Network Shortcuts\<Subfolder name>
  Karl

• How can I setup a scheduled task to run a Powershell Script delivered as a Group Policy Preference

  I have a Powershell script I want to run only once when a user logs onto their system. This script would move all the PST files from the Local drive and the Home drive to a folder location within the users profile. I wanted to run this as a Windows 7 Scheduled Task using Group Policy Preferences. How can I get this to happen short of a logon script? I have updated all the machines to WMF 4.0 so could I use a Scheduled Job instead? I wanted to run the script as the logon user but elevated.#Start Outlook and Disconnect attached PST files.
  $Outlook = New-Object -ComObject Outlook.Application
  $namespace = $outlook.getnamespace("MAPI")
  $folder = $namespace.GetDefaultFolder("olFolderInbox")
  $explorer = $folder.GetExplorer()
  $explorer.Display()
  $myArray= @()
  $outlook.Session.Stores | where{ ($_.FilePath -like'*.PST') } | foreach{[array]$myArray+= $_.FilePath}
  for
  ($x=0;$x-le$myArray.length-1;$x++)
  $PSTPath= $myArray[$x]
  $PST= $namespace.Stores | ?{$_.FilePath -like$PSTPath}
  $PSTRoot= $PST.GetRootFolder() #Get Root Folder name of PST
  $PSTFolder= $Namespace.Folders.Item($PSTRoot.Name) #Bind to PST for disconnection
  $Namespace.GetType().InvokeMember('RemoveStore',[System.Reflection.BindingFlags]::InvokeMethod,$null,$Namespace,($PSTFolder)) #Disconnect .PST
  #Move All PST files to the default location while deleting the PST files from their original location.
  $SourceList = ("$env:SystemDrive", "$env:HOMEDRIVE")
  $Destination = ("$env:USERPROFILE\MyOutlookFiles")
  (Get-ChildItem -Path $SourceList -Recurse -Filter *.PST) | Move-Item -Destination $Destination
  #Attach all PST files from the default location.
  Add-type -assembly "Microsoft.Office.Interop.Outlook" | out-null
  $outlook = new-object -comobject outlook.application
  $namespace = $outlook.GetNameSpace("MAPI")
  dir “$env:USERPROFILE\MyOutlookFiles\*.pst” | % { $namespace.AddStore($_.FullName) }

  Mike,
  I do not understand what appears to be a regular expression above. I did add the PowerShell script to the HKCU RunOnce Key as suggested.
  Windows Registry Editor Version 5.00
  C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -sta -WindowStyle Hidden -ExecutionPolicy RemoteSigned -File "C:\scripts\Windows PowerShell\Move-PST.ps1"
   I'm delivering this using Group Policy Preferences. It seems to fail or time out when run because the behavior is different if I run the script from within the PowerShell IDE. I added the parameters to the script and will try it again in the morning.

• Group policy Preferences server 2008 and windows 7

  Hi I have been struggling with an issue with group policy preferences for a while now with regard to pushing out printers to windows 7 (32/64 bit) Machines. I have two DC servers one is 2008 and the other is 2008 r2. I have setup the group policies on the
  2008 server as it is the only one i am allowed to access regularly to do this.
  Basically here is my problem. I have created multiple GPO's to send out printers from out print server to classrooms across the school district I work for, I have a mix of xp and windows 7 machines. I have the server setup with both 32 and 64bit drivers
  for all printers on that server, we have a mix of oki and hp and ricoh. I know all the connections work and the drivers work well, however when I push them out using the group policy, the windows 7 machines don't install the printers. The xp machines do this
  perfectly well when I install the client side extensions patch, but they just will not pull down on the 7 machines unless i install the printer first manually, then delete it and then run gpupdate. In that instance it will work, but obviously i don't want
  to have to go round thousands of computers doing this manually.
  Just as a side note, each classroom has its own user account and its own printer.
  If anyone has any advice as to how i can go about resolving this issue i would greatly appreciate it, this has been a problem i have been researching and trying to fix since January.......

  Hi,
  >>The xp machines do this perfectly well when I install the client side extensions patch, but they just will not pull down on the 7 machines unless i install the
  printer first manually, then delete it and then run gpupdate.
  Before going further, we can run command
  gpresult/h gpreport.html with admin privileges to collect group policy result on the troubled Windows 7 clients to check the issue. Besides, we can also check event logs in Event Viewer to see if some related error events were logged.
  Besides, I want to confirm if we have disabled
  Point and Print Restrictions under both User Configuration and Computer Configuration. To have a consistent experience, it’s recommended that we disable the policy setting in both locations if we are dealing with mixed-level clients.
  Regarding this point, the following article can be referred to for more information.
  Point and Print Restrictions policies are ignored in Windows Vista SP2, Windows Server 2008 SP2, and later Windows operating systems
  http://support.microsoft.com/kb/2307161/en-us
  Best regards,
  Frank Shen

• [Forum FAQ] Group Policy Preferences Scheduled Tasks Item not working when the option Run whether user is logged on or not is selected

  Scenario:
  We use one of the following Group Policy Preferences Scheduled Tasks item to deploy a task to clients:
  Computer Configuration -> Control Panel Settings -> Scheduled Tasks -> New -> Scheduled Task (At least Windows 7)
  Computer Configuration -> Control Panel Settings -> Scheduled Tasks -> New -> Immediate Task (At least Windows 7)
  User Configuration -> Control Panel Settings -> Scheduled Tasks -> New -> Scheduled Task (At least Windows 7)
  User Configuration -> Control Panel Settings -> Scheduled Tasks -> New -> Immediate Task (At least Windows 7)
  (Note that on some platforms, "At least Windows 7" is replaced with "Windows Vista and later.")
  After designating a user account to run the task, we select “Run whether user is logged on or not” option, and “The Do not store password…”
  check box is automatically grayed out (See Figure 1).
  Figure 1
  After finishing configuring the task item, on a client, we run command
  gpupdate/force to forcefully update group policy. However, on the client, when we check if the task is listed in Task Scheduler snap-in, the task is not displayed, and when we run
  gpresult/h report.html to collect group policy result for troubleshooting, we see an error as similar as shown in the following figure (Figure 2).
  Figure 2
  Cause:
  To make the scheduled task run whether the user is logged on or not, we need to store the password of the designated user account. However, for the content of the scheduled
  task item is stored in Sysvol where it’s not safe to store passwords, this function has been deprecated.
  Workaround:
  We can run the task with system account
  NT Authority\System, or we can use specific user accounts to run the task when the given user is logged on. (See Figure 3)
  Figure 3
  Reference:
  MS14-025: Vulnerability in Group Policy Preferences could allow elevation of privilege: May 13, 2014
  http://support.microsoft.com/kb/2962486
  Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

  Hello Everyone,
  Succeeded !!!!!!!
  Even i was struggling with this same Problem to execute a batch via Window scheduler and set the setting to "Run whether the user is logged in or not".
  I tried many time but the batch runs with " Run
  whether user is logged on" and not with "Run
  whether user is logged on or not".
  what i discovered is that there was one mapped drive
  path in my batch file which was not the complete path like y:/AR.qvw actually what i did i changed that map path to the complete path like \\servnamename\d$\AR.qvw and the batch executed successfully with the setting "Run
  whether user is logged on or not"
  The
  conclusion is that check the dependency of the script on external resources because when you check this option "Run
  whether user is logged on or not" It actually conflicts. This my discovery.
  If
  you have any question write me on [email protected]
  Thanks
  & Regards,
  Arun

• Group Policy Preference Power Plan "Blocked By Group Policy"

  I noticed this error in the application event log of a Windows 7 PC:
  Log Name:      Application
  Source:        Group Policy Power Options
  Date:          3/21/2013 3:19:42 AM
  Event ID:      4098
  Task Category: (2)
  Level:         Warning
  Keywords:      Classic
  User:          SYSTEM
  Computer:      xxx
  Description:
  The computer 'Power Plan (Windows Vista and later)' preference item in the 'Windows 7 Desktop Power Plan {A078F08F-45CC-4209-A264-FE0CB5635A99}' Group Policy object did not apply because it failed with error code '0x800704ec This program is blocked by group
  policy. For more information, contact your system administrator.' This error was suppressed.
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Group Policy Power Options" />
      <EventID Qualifiers="34305">4098</EventID>
      <Level>3</Level>
      <Task>2</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2013-03-21T10:19:42.000000000Z" />
      <EventRecordID>7687</EventRecordID>
      <Channel>Application</Channel>
      <Computer>xx</Computer>
      <Security UserID="S-1-5-18" />
    </System>
    <EventData>
      <Data>computer</Data>
      <Data>Power Plan (Windows Vista and later)</Data>
      <Data>Windows 7 Desktop Power Plan {A078F08F-45CC-4209-A264-FE0CB5635A99}</Data>
      <Data>0x800704ec This program is blocked by group policy. For more information, contact your system administrator.</Data>
    </EventData>
  </Event>
  How can I find out exactly why it is not working?  "Blocked by group policy" is not specific enough.

  Hi,
  You can also enable GPP tracing and logging for more information:
  Computer Configuration\Policies\Administrative Templates\System\Group Policy\Configure Power Options preference logging and tracing
  http://blogs.technet.com/b/askds/archive/2008/07/18/enabling-group-policy-preferences-debug-logging-using-the-rsat.aspx
  Regards,
  Cicely
  There is no such option "Configure Power Options preference logging and tracing" at Computer
  Configuration\Policies\Administrative Templates\System\Group Policy\.
  It alphabetical order Always use local ADM files ... is followed by Disallow interactive users from generating ...  Not

• Group Policy "Restricted Groups" (local groups) using group policy preferences

  I was recently tasked a solution with creating a group policy to manage RDP user access to a set of Active Directory computer objects.
  Part of the  solution was to create a policy so that this would only apply a specific security group(users) to a specific set of Active Directory computer objects within the OU to which it was applied so that other machines
  and/or user accounts in this OU remain un affected by this policy.
  The policy was to be able to include multiple sets of Security groups(users) for the associated machines isolating those security groups(users) to only their sets of Active Directory computer objects.
   Reduce the requirement to create multiple group policies to apply different "Local Group"/"Restricted groups" management for computer objects in the domain.
  I thouhgt about using System based policies and creating different WMI filters to target sets of AD Computer objects, but came to the conclusion this would not help due to the limited of WMI quries I would be able to create for a standard
  Image.
  So I then thought about group policy preferences and came up with the solution
  I created a new Group policy and created a new item for the local group, in this instance but not limited to "Remote Desktop users (built-in)" and added the security group(users).  In my case I did not need to use the "delete
  all member users" or "delete all member groups" as I wanted other groups in this local group for the computer objects to remain intact.
  Then what I did is set the "item-level-target" setting from "the common tab" on the GPP and set it to the security group which containd the AD computer objects the user accounts required access to.  I then did a couple of standard
  tests to confirm the local security group(users) appeared only on the machine in the item level target security group and applied to no other machines in the outside of SOM. 
  So with this in place, if I needed to create any other entries for different groups and access to specific machines all I need to do is create a new GPP item within this policy.
  Being mindful that system policies settings if applied to same OU will take preceedence over GPP settings.... 
  Thought I would just share this in-case anyone else has had similar requests/thoughts and or has other methods that they have used that they would like to share. 
  I am not sure either on the limit of entries that GPP have either so if anyone does know please post and possible links? 
  I have struggled to find an answer, however it could be that I am not asking the right question!

  good sharing...
  Best,
  Howtodo

• Group Policy Preferences Shortcut issues ( event ID 1085 )

  I am hoping someone will be able to help me with a problem that is causing our users a headache
  We have a Windows 2008 SP2 terminal server farm ( 1 gateway, 2 Terminal servers TS1 and TS2 ), we also use Group Policy Preferences to deliver app shortcuts to different AD user groups.
  TS1 and TS2 were built from the same image.  On TS1 users logon and get all the icons they are entitled to, on TS2 it is random to whether they get their shortcuts or not.   
  Both TS are rebooted daily and I have scripted removing any local profiles incase it was something left behind.
  Checking the event Logs on TS2 I see several errors that appear to relate to Group Policy and correspond to when users have connected in.
  any help with this issue would be appreciated.
  Here is the information from the System log:
  Log Name:      System
  Source:        Microsoft-Windows-GroupPolicy
  Date:          05/12/2014 15:32:26
  Event ID:      1085
  Task Category: None
  Level:         Warning
  Keywords:      
  User:          Username
  Computer:      TerminalServer
  Description:
  Windows failed to apply the Group Policy Shortcuts settings. Group Policy Shortcuts settings might have its own log file. Please click on the "More information" link.
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-GroupPolicy" Guid="{aea1b4fa-97d1-45f2-a64c-4d69fffd92c9}" />
   <EventID>1085</EventID>
      <Version>0</Version>
      <Level>3</Level>
      <Task>0</Task>
      <Opcode>1</Opcode>
      <Keywords>0x8000000000000000</Keywords>
      <TimeCreated SystemTime="2014-12-05T15:32:26.450Z" />
      <EventRecordID>478778</EventRecordID>
      <Correlation ActivityID="{CCB45268-E6F8-4127-97C8-A8544829F2DE}" />
      <Execution ProcessID="344" ThreadID="11212" />
      <Channel>System</Channel>
      <Computer>TerminalServer</Computer>
      <Security UserID="S-1-5-21" />
    </System>
    <EventData>
      <Data Name="SupportInfo1">1</Data>
      <Data Name="SupportInfo2">3892</Data>
      <Data Name="ProcessingMode">1</Data>
      <Data Name="ProcessingTimeInMilliseconds">6047</Data>
      <Data Name="ErrorCode">2147942413</Data>
      <Data Name="ErrorDescription">The data is invalid. </Data>
      <Data Name="DCName”>\\OurDomain</Data>
      <Data Name="ExtensionName">Group Policy Shortcuts</Data>
      <Data Name="ExtensionId">{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}</Data>
    </EventData>
  </Event>

  >      <Data Name="ErrorDescription">The data is invalid. </Data>
  Delete the history XML.
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• I have files on my external harddisk and access is denied because 'I am not authorized?

  I have files on my external harddisk and access is denied because 'I am not authorized?

  Itunes copy protected files? Login into your Intunes account to access Itunes media that is tied to the account that purchased those audio or video files.

• IE10 Group Policy Preferences on Server 2008R2

  Hi
  I am trying to manage IE10 via Group Policy Preferences in a Windows 2008R2 Domain.  I only see options for Internet Explorer 5, 6, 7 & 8.  How do i make it display IE10?  I have tried installing IE10 to a server with the Group Policy
  Management Console and even tried adding the ADMX & ADML intres files from the Server 2012 ADMX download available from Microsoft.  Currently we do not have a central ADMX Store but i created one to see if it would make a difference and it did not. 
  We do not have any Server 2012 or Windows 8 machines available so i can not configure it thorough there.  I really want to get it added to the GP Preferences in Server 2008R2.  Any help appreciated.
  Thanks

  > 2008R2 Domain.  I only see options for Internet Explorer 5, 6, 7 & 8.
  Edit the XML.
  http://blogs.technet.com/b/asiasupp/archive/2011/03/30/internet-explorer-9-ie9-group-policy-preferences-gpp.aspx
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• Group Policy Preferences possible in ZCM11?

  Hi,
  i created a thread (http://forums.novell.com/novell/nove...esnt-work.html) because some GPOs are not working with ZCM11SP2. Now i figured out, that the Problem is the GPPs (Group Policy Preferences).
  THey are available since Windows Server 2008 or 2008R2, i'm not sure.
  With this GPPs you can map drives, set printers, change the registry, power management ...
  Is it possible to use this GPPs with ZCM Policies?
  Cheers

  Here is a bit of a primer:
  http://technet.microsoft.com/en-us/m...01.layout.aspx
  Note: You will need to use ADM and not ADMX if I recall.
  The key will be knowing what registry keys to set.
  For PowerSettings, there are some ADM files floating about the internet
  already.
  On 6/25/2012 12:46 PM, drops wrote:
  >
  > Hi Steffen,
  >
  > for folder redirection look here:
  > 'Cool Solutions: Local Group Policy Folder Redirection (HKCU User
  > Shell)' (http://www.novell.com/coolsolutions/tools/14324.html)
  >
  > it works with windows 7.
  >
  > For a lot of configuration settings i prefer bundles. e.g. registry
  > changes to HKLM.
  >
  > Power management: use powercfg.exe -IMPORT
  >
  > Printer: we use iprint policies. for local printers look at rundll32
  > PrintUI.dll, PrintUIEntry /?
  >
  >
  > With software simply use the Bundle - see your foxitreader example and
  > recommendation from Shaun.
  >
  > best regards
  >
  > Markus
  >
  >
  >
  > SteffenMuch;2203349 Wrote:
  >> Hi Craig,
  >> do you know a good "how to" for this? I didnt create a group policy
  >> template until now.
  >>
  >> Cheers,
  >> Steffen
  >>
  >>
  >> @Shaun:
  >> Thanks, i will look at this solution.
  >
  >
  Craig Wilson - MCNE, MCSE, CCNA
  Novell Knowledge Partner
  Novell does not officially monitor these forums.
  Suggestions/Opinions/Statements made by me are solely my own.
  These thoughts may not be shared by either Novell or any rational human.