Group Policy Preferences Shortcut issues ( event ID 1085 )

Similar Messages

• Group policy Preferences server 2008 and windows 7

  Hi I have been struggling with an issue with group policy preferences for a while now with regard to pushing out printers to windows 7 (32/64 bit) Machines. I have two DC servers one is 2008 and the other is 2008 r2. I have setup the group policies on the
  2008 server as it is the only one i am allowed to access regularly to do this.
  Basically here is my problem. I have created multiple GPO's to send out printers from out print server to classrooms across the school district I work for, I have a mix of xp and windows 7 machines. I have the server setup with both 32 and 64bit drivers
  for all printers on that server, we have a mix of oki and hp and ricoh. I know all the connections work and the drivers work well, however when I push them out using the group policy, the windows 7 machines don't install the printers. The xp machines do this
  perfectly well when I install the client side extensions patch, but they just will not pull down on the 7 machines unless i install the printer first manually, then delete it and then run gpupdate. In that instance it will work, but obviously i don't want
  to have to go round thousands of computers doing this manually.
  Just as a side note, each classroom has its own user account and its own printer.
  If anyone has any advice as to how i can go about resolving this issue i would greatly appreciate it, this has been a problem i have been researching and trying to fix since January.......

  Hi,
  >>The xp machines do this perfectly well when I install the client side extensions patch, but they just will not pull down on the 7 machines unless i install the
  printer first manually, then delete it and then run gpupdate.
  Before going further, we can run command
  gpresult/h gpreport.html with admin privileges to collect group policy result on the troubled Windows 7 clients to check the issue. Besides, we can also check event logs in Event Viewer to see if some related error events were logged.
  Besides, I want to confirm if we have disabled
  Point and Print Restrictions under both User Configuration and Computer Configuration. To have a consistent experience, it’s recommended that we disable the policy setting in both locations if we are dealing with mixed-level clients.
  Regarding this point, the following article can be referred to for more information.
  Point and Print Restrictions policies are ignored in Windows Vista SP2, Windows Server 2008 SP2, and later Windows operating systems
  http://support.microsoft.com/kb/2307161/en-us
  Best regards,
  Frank Shen

• Extreme slow login on Server 2008 R2 TS at Group Policy Preferences - Printers

  I see references to this problem everywhere, going back to 2010.  However I'm not finding any real answers.
  I have Group Policy Preferences installing printers to Terminal Server Users.  I have one policy that applies to 4 terminal servers.  One of them is a 2008 R2, the others are 2003 x64.  Only for the 2008 R2 server, after all of the printers
  show (in event viewer) as successfully loaded, there is a long hang.  I have many printers applied to me, and that results in my load time being the longest of all at about 3 minutes.  I am an administrator on the machine.  Others have the exact
  same problem, just a bit less pronounced depending on the number of printers. 
  The policy preference is set to UPDATE, so it's not loading the driver... again, the printer is already successfully applied.
  I've tried setting UAC to "Never" on the server.  No effect.  I've played with the Point and Print policy at both computer and user level, finally just setting both to disabled, but prior to that setting them to Enabled with the "do
  not show warning" on both settings.  No effect (which makes sense since that is for non-admins and I am having this problem as an admin).
  My logging pasted below shows this same thing in all cases.
  Is there an answer to this that I am just not finding?
  2013-12-06 09:11:44.133 [pid=0x388,tid=0xca0] Filters passed.
  2013-12-06 09:11:44.133 [pid=0x388,tid=0xca0] Adding child elements to RSOP.
  2013-12-06 09:11:44.133 [pid=0x388,tid=0xca0] Set user security context.
  2013-12-06 09:11:44.289 [pid=0x388,tid=0xca0] Set system security context.
  2013-12-06 09:14:13.873 [pid=0x388,tid=0xca0] Set user security context.
  2013-12-06 09:14:13.909 [pid=0x388,tid=0xca0] Set system security context.
  2013-12-06 09:14:13.909 [pid=0x388,tid=0xca0] Properties handled.
  2013-12-06 09:14:13.909 [pid=0x388,tid=0xca0] RunOnce value created [SUCCEEDED(S_FALSE)]

  Hi,
  Based on your description, I want to confirm whether we have used Item-level Targeting of GPP for printer deploying.
  GP Preferences settings that use Item- Level Targeting (ILT) are not inherently harmful. However, certain kinds of Item Level Targeting queries can
  take more time to run.
  Regarding this issue, the following article can be referred to for more information and the hotfix in the article can be downloaded to fix the issue.
  You experience a long domain logon time in Windows Vista, Windows 7, Windows Server 2008 or Windows Server 2008 R2 after you deploy Group Policy preferences
  to the computer
  http://support.microsoft.com/kb/2561285/en-us
  In addition, regarding group policy and logon impact, the following article can be referred to for more information.
  Group Policy and Logon Impact
  http://blogs.technet.com/b/grouppolicy/archive/2013/05/23/group-policy-and-logon-impact.aspx
  Best regards,
  Frank Shen

• Proxy details keep deleting from field in Group Policy Preferences for IE 10 on windows 7 and 8

  We have a lot of users who on the last update and have seemed to manage to install IE 10 onto their windows 7 machines as now causing all sorts of issues. I know that IEM has been replaced in favour of Group Policy Preferences and I have build a windows
  8 machine just to create a group policy preference as you are unable to create the preferences from windows 7, thank you Microsoft!
  I have created a test OU and got a win 7 and a win 8 machine both with IE 10 for testing. I have created the preference settings, home page etc and disabled using the F keys the advanced features that we do not require as from reading in other post even
  if it is not ticked, if it is green then it will apply it, kinda defeats the using the tick but it is what it is!
  When we do a gpupdate it picks up the default homepage as well as other settings but the proxy settings is blank. I then went back into the preferences I created for IE 10 and checked the connections, LAN settings and the proxy server name is missing but
  both ticks are showing for the proxy settings and when you click on advanced it shows the proxy server and port details fine. I have been working on this now for 4 days and getting no where to a point were we just roll back any users on IE 10 back to IE 9.
  I have also unlinked any other gpo relating to Internet settings on the test OU just in case there are conflicts. Any ideas as where to go from here?

  In the end to get around the proxy settings I had to create a registry key preference with proxy and port details which seemed to have done the trick and now IE 10 is picking up the proxy details and displaying webpages

• Windows 2008 R2 - Group Policy Preference - folder option "Open with" Access denied

  Similar to this post:
  social.technet.microsoft.com/Forums/en-US/d42a81bc-96de-4af3-bc41-079e88e6ea4a
  We have Citrix terminal servers running Windows 2008 R2 and attempting to force PDF files to open with Acrobat versus PDF editing software we have installed for a small subset of users.  So I created a Group Policy Preference and added a OpenWith item
  to the Folder Options to use Acrobat as the default and linked it to a Users OU.  However, if I run gpresult the OpenWith setting fails with error code 0x80070005.  You can change it to not run in the user's security context which eliminates the
  error but then it won't actually do anything.
  The problem seems to be that when a user sets another program as their default via Windows Explorer the permissions on HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\UserChoice get changed so that the user is specifically
  denied the ability to set that key.  Remove the special permissions added and the group policy succeeds and changes it back to the default ... until the user changes it back (intentionally or otherwise) and the permissions are changed again.
  Any ideas here?

  > Any ideas here?
  We use GPP Registry to achieve this goal, so we do not run into that
  issue (we unchecked "run in users context", so privs are not an issue)
  But I agree, this really should work as intended...
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• Registry Wizard not saving selections in Group Policy Preferences.

  Hello,
  I am trying to set registry keys for ODBC settings using Group Policy Preferences. All PC's in the domain are Windows 7. In testing, I was able to get this to work. Now that I am trying to create it for production, I am unable to get it to work.
  I am using the same PC to create for production that I used when I was testing.
  The steps I am taking are as follows:
  Create a new GPO. Edit the GPO and navigate to the registry node under Computer Configuration, Preferences where I create a new Collection Item. I then right click the new collection item and choose New - Registry Wizard. Using Local Computer,
  I navigate to [HKLM] > Software > Wow6432Node > ODBC > ODBC.ini
  Under the ODBC.ini key are all of the keys and data I want to include in my policy. When I check each key and put a check mark beside each data item in the lower window, my selections in the lower window are not being saved. The check mark
  shows up at the time but they are gone if I go back to check my work before hitting the finish button. If I go ahead and finish the policy anyway, I only get the keys, not the data items when the GPO is applied.
  I have found a work around but it is very cumbersome and isn't a good long term solution. The work around is to go ahead and create the policy, then go back into the collection and expand everything on the left and add each data value to each key one at
  a time using the All Tasks > Add - menu item.
  Any ideas why this is happening? I should also mention when I was "testing", I was hitting the same domain controller as I am when trying to build this for my "production" policy.
  Thanks in advance.

  Hello,
  Thanks for your reply. I am waiting on my account to be verified before I can post a screen shot.
  I did discover that if I go through and click on all the data items more than once, it appears to work. Basically, I went through each key and checked the data items, then went back to the top and started over again. All of the checks were gone, so I checked
  them again and clicked finish. I don't know if they were still missing but checking them twice seems to have worked.
  I can replicate the issue if I only check them once.

• Does using Group Policy Preferences to deploy printers require the print driver to be pre-installed?

  I'm trying to prepare our school system for Windows 7 (we currently use XP).  I would like to use the new Group Policy Preferences method of deploying printers.  I pushed out the XP client side extensions through WSUS.  In my test environment, I added the shared printer in group policy preferences.  My XP machine had the printers show up automatically, but my Windows 7 machine did not.  I realized that I had previously connected a printer of the same type to my XP machine before and the drivers were already installed.  To test this theory, I manually connected the shared printers to the Windows 7 machine, deleted them, then logged off and back on.  Now the printers are showing up from group policy.  My question is does using group policy preferences to deploy printers require the print driver to be pre-installed?  If not, then what am I doing wrong?  If so, is there a way to work around this?  Thanks for your help.
  EDIT:  To clarify, I am using the share method in GPP.  This is the error message I get in the event log:
  The user 'PRINTERNAME' preference item in the 'win7 printer test {946461A1-27F8-406F-A0B3-0A1A05AF34F6}' Group Policy object did not apply because it failed with error code '0x80070bcb The specified printer driver was not found on the system and needs to be downloaded.' This error was suppressed.

  This link have a description of resolution:
  http://technet.microsoft.com/en-us/library/cc725938.aspx
  Open the GPMC.
  Open the GPO where the printer connections are deployed, and navigate to Computer Configuration, Policies, Administrative Templates, Control
  Panel, and thenPrinters.
  Note
  The Point and Print Restrictions setting can also be found under User Configuration\Policies\Administrative Templates\Control Panel\Printers.
  This policy is ignored by Windows 7 and Windows Server 2008 R2, but is enforced by earlier editions of Windows including Windows XP with SP1, Windows Server 2003 with SP1, and Windows Server 2008. We recommend that you change
  this policy setting in both locations so that all down-level clients have a consistent experience.
  Right-click Point and Print Restrictions, and then click Properties.
  Click Enabled.
  Clear the following check boxes:
  Users can only point and print to these servers 
  Users can only point and print to machines in their forest 
  In the When installing drivers for a new connection box, select Do not show warning or elevation prompt.
  Scroll down, and in the When updating drivers for an existing connection box, select Show warning only.
  Click OK.

• Group Policy Preference Power Plan "Blocked By Group Policy"

  I noticed this error in the application event log of a Windows 7 PC:
  Log Name:      Application
  Source:        Group Policy Power Options
  Date:          3/21/2013 3:19:42 AM
  Event ID:      4098
  Task Category: (2)
  Level:         Warning
  Keywords:      Classic
  User:          SYSTEM
  Computer:      xxx
  Description:
  The computer 'Power Plan (Windows Vista and later)' preference item in the 'Windows 7 Desktop Power Plan {A078F08F-45CC-4209-A264-FE0CB5635A99}' Group Policy object did not apply because it failed with error code '0x800704ec This program is blocked by group
  policy. For more information, contact your system administrator.' This error was suppressed.
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Group Policy Power Options" />
      <EventID Qualifiers="34305">4098</EventID>
      <Level>3</Level>
      <Task>2</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2013-03-21T10:19:42.000000000Z" />
      <EventRecordID>7687</EventRecordID>
      <Channel>Application</Channel>
      <Computer>xx</Computer>
      <Security UserID="S-1-5-18" />
    </System>
    <EventData>
      <Data>computer</Data>
      <Data>Power Plan (Windows Vista and later)</Data>
      <Data>Windows 7 Desktop Power Plan {A078F08F-45CC-4209-A264-FE0CB5635A99}</Data>
      <Data>0x800704ec This program is blocked by group policy. For more information, contact your system administrator.</Data>
    </EventData>
  </Event>
  How can I find out exactly why it is not working?  "Blocked by group policy" is not specific enough.

  Hi,
  You can also enable GPP tracing and logging for more information:
  Computer Configuration\Policies\Administrative Templates\System\Group Policy\Configure Power Options preference logging and tracing
  http://blogs.technet.com/b/askds/archive/2008/07/18/enabling-group-policy-preferences-debug-logging-using-the-rsat.aspx
  Regards,
  Cicely
  There is no such option "Configure Power Options preference logging and tracing" at Computer
  Configuration\Policies\Administrative Templates\System\Group Policy\.
  It alphabetical order Always use local ADM files ... is followed by Disallow interactive users from generating ...  Not

• Errer message while adding a computer account to a local group in Group Policy Preferences...

  Hi all;
  Suppose I want to add a computer account to Event Log Reader on local computers by using Group Policy Preferences. Look at the following figure:
  But after selecting the desired computer account and clicking OK, the following error message appears:
  Any ideas?
  Thanks
  Please VOTE as HELPFUL if the post helps you and remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
  the thread.

  > But after selecting the desired computer account and clicking OK, the
  > following error message appears:
  Couldn't repro - worked in my domain for both a builtin group and a new one.
  Greetings/Grüße,
  Martin
  Mal ein
  gutes Buch über GPOs lesen?
  Good or bad GPOs? - my blog…
  And if IT bothers me -
  coke bottle design refreshment (-:

• Group Policy Preferences IE9 settings inconsistently applying on Windows 7 Clients

  We have two Windows 2008 R2 Domain Controllers.
  We have only Windows 7 SP1 clients.
  We have a mix of IE 9, 10 ,11 on the clients.
  We moved to using GPP to control IE Proxy settings some considerable time ago.
  We recently needed add a site the the proxy exceptions list. This appeared to work. However we discovered that for IE 10+ the setting was not effective. So we spun up a Windows 8.1 VM with RSAT and added a new IE Settings object into GP targeting IE
  11. This appeared to have the desired effect.
  After a while some  (and it appears only some) IE9 machines, found their proxy settings reverting. This could be resolved by closing IE down and issuing a gpupdate /force command. However the issue would re-occur for these users, and they would be required
  to close their browser and re-issue update /force again.
  Furthermore (this may or may not be linked) we have been seeing JavaScript disabled warnings from OWA from some machines running IE11.
  Any thoughts on troubleshooting this would be appreciated.
  Nick

  Would you please let me know if the issue only occurred on all Windows 7 with IE 9 installed machines? Or
  only some Windows 7 with IE 9 installed machines have this issue?
  The issue is affecting about 20-25% of machines. Generally after a logon they are fine, but then after a background gp refresh they pick up 'old' settings for the bypass proxy list.
  Would you please let me know how did you configure the GPP settings?
  We opened up an existing GPO that contained our previous Internet Explorer GPP settings on our first domain controller (which appears to have IE11 installed) made the changes to the existing
  GPP IE Settings.
  We then noticed that the settings hadn't taken on IE11 machines, so we used a windows 8.1 RTM VM with RSAT installed to add an additional "Internet Explorer 8: Internet Explorer 11" only
  set of preferences. The IE8/9/10 preferences had priority of 1 the IE 11 preferences a priority of 2
   I think the original GPP settings were created from a Windows 7 machine with IE9 and the Enterprise Hotfix Rollup installed.
  Did you configure it in one GPO and applied to all machines?
  Yes.
  Have you tried to just configure it separately on Windows 2008 R2 DC and applied it to these Windows 7 with IE 9 installed machines?
  Not yet. We currently have a some LOB activities that require one of the sites in the proxy bypass list. I do not want to risk breaking that until later on this week.
  How to enable Group Policy Preferences support for IE9
  http://www.grouppolicy.biz/2011/03/how-to-enable-group-policy-preferences-support-for-ie9/
  We have the enterprise hotfix rollup installed on the Clients. However
  it appears it is not installed on the DCs. 
  Further examination of the output of a gpresult /h shows that legacy settings from the IE Maintenance object within the GPO match the settings we see applying from time to time. Is that possible? How can we remove the IE Maintenence settings from the
  GPO to test?

• Mandatory Profiles, Group Policy Preferences, Synchronous processing

  Hello,
  I'm using Windows 8.1 Update to setup a lab of computers that will use standard user accounts with Mandatory Profiles and Group Policy to lock them down. Everything is working great with the exception of Group Policy Preferences. I am using GPP printers
  to add a shared printer to the computer lab and set the default. Due to asynchronous processing, the GPPs are applied only every other time. Since they are mandatory profiles, the settings are wiped out every time.
  I have enabled the GPO setting "Always wait for network at startup and logon" but it doesn't seem to have any effect. The Mandatory Profile is assigned in the user's AD object.
  From everything I can find on the issue, the problem seems to stem from the synchronous processing/asynchronous processing of group policy preferences, which explains the consistent alternating working. Fast logon optimization is always off when using a
  roaming user profile, which is the case of these standard users, to my understanding. I also configured cached logons to '0', disabling cached logons. The computers (configured to automatically sign in with SysInternals' Autologon) received an error (no logon
  servers available) trying to sign in before the network was ready, showing that they are ignoring the setting. Even with waiting for the network and signing in manually, the GPP printers are only successfully added every other time.
  http://technet.microsoft.com/en-us/library/jj573586.aspx
  2008R2 functional level
  I have created and recreated GPOs to test creating them on the DC and a Windows 8.1 Update computer, with no change in outcome.
  I have also tried setting Startup policy processing wait time, run logon scripts synchronously, and GPP Printers processing behaviors. For the latest testing, I created a new OU with blocked inheritance and created a new GPO with just the key settings to
  wait for network, install the printers, and use the mandatory profile. It still only worked every other time.
  I am currently at a loss for a good way to add the printers to the mandatory profiles. I have hacked them into the HKCU of the mandatory profile but I feel that is a kludge solution and not very sustainable. I have tried a logon PowerShell script but had
  no luck.
  TL;DR: Win8.1Update, Mandatory Profiles, standard user: Every other restart, GPP Printers are added perfectly and the desired outcome is reached. Every other, other restart the printers are not added.

  Hi,
  I'll involve other engineer to this thread for more discussion about your problem. Please wait patient.
  Thank you for your understanding!
  Roger Lu
  TechNet Community Support

• Vista logon stuck with Group Policy Preferences

  After testing some Group Policy Preferences, my Vista SP1 laptop was stuck logging on , it showed (welcome) and then stopped the logon process.
  To be sure i did a fresh Vista reinstall but i still couldn't logon to the domain, the GPO Event log showed that it was looping (endless) trough the GPO's, without showing any obvious errors. I removed all the settings from the Preferences GPO, i stayed with GPOP Drive and Printers mappings and they work fine.  
  After adding these 3 settings it hung again:
  Regional Settings
  Abort rest of group on error:  No
  Process in user context:  Yes
  Remove (if not applied):  No
  Preference (apply once):  No
  Filtered directly:  No
  Filtered by ancestor:  No
  Disabled directly:  No
  Disabled by ancestor:  No
  Internet Settings
  Abort rest of group on error:  No
  Process in user context:  No
  Remove (if not applied):  No
  Preference (apply once):  No
  Filtered directly:  No
  Filtered by ancestor:  No
  Disabled directly:  No
  Disabled by ancestor:  NO
  Start Menu
  Abort rest of group on error:  No
  Process in user context:  Yes
  Remove (if not applied):  No
  Preference (apply once):  No
  Filtered directly:  No
  Filtered by ancestor:  No
  Disabled directly:  No
  Disabled by ancestor:  No
  Is this normal behavior, and has someone else seen this unwanted "feature"!?? Or did i make a mistake..

  Hi tnx for your reply
   Florian Frommherz wrote:
  So did it actually stop? The blue circle did it stop turning around? How long did you wait for it to complete? Are there only Preferences or policies in place as well?
  The blue circle is turning arround, it seems looping, after 20 seconds it stops for half a second and starts a new 20 second loop stops for half a second etc etc. In the GPO Vista event log i can find this loop. (checking link speed, finding applying GPO's....... and starting over again)
  I waited for more then an hour, a normal logon takes 30 seconds for the Welcome screen.
   Florian Frommherz wrote:
  So - you mean to say that it behaves the same way? It just stops processing the policies?
  It doesn't stop, it seems to loop...
   Florian Frommherz wrote:
  I guess not. Could you create a new, seperate policy will all the Preference settings that let the machine "get stuck" and apply it to a test machine so that those Preferences in question are the only ones applied? Maybe you can track down which Preference causes the machine to choke.
  I did, i seperated the GPO Parts, i know that the Drive and Printer mappings from the GPOP are working fine.
  It's in one of those 3 GPO settings (IE, regional, start menu). Even if i disable those specific GPOP parts the logon still gets stuck, after removing / disabling the complete GPO logon runs normal.
  I also think during logoff the GPOP are also conflicting since it's also stuck during logoff.
  Other Domain accounts are able to logon and off fine!
  Could this be caused by the, running a GPOP in User context???
  My Vista version is Enterprise, i didn't check on other Vista versions.

• Replace Mapped Drives with UNC Paths via Group Policy Preferences

  We are currently using Group Policy Preferences to map network drives to drive letters for our users.  Given the risk of ransomware, etc. these days we want to provide users with a UNC link rather than a mapped drive letter.  Can anyone tell me
  the best way to do this?
  Thanks,
  Joe

  > We are currently using Group Policy Preferences to map network drives to
  > drive letters for our users.  Given the risk of ransomware, etc. these
  > days we want to provide users with a UNC link rather than a mapped drive
  > letter.  Can anyone tell me the best way to do this?
  Create shortcuts :)
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• Group Policy Preference's --APplied to Groups not always working

  I've created a new group policy preference to add a couple new desktop shortcuts.
  I've set the security filtering to apply to "JamesGroup".  I have verified that "JamesGroup" has Read & Allow Apply Group Policy selected
  I put myself into that group.
  I then run a GPupdate/force on my computer and I get no new shortcuts.
  If I adjust the security filtering to apply to "JamesUserAccount" and rerun GPupdate/force, the desktop shortcuts come through right away.
  I've tried creating new groups and it never seems to work...it just works when I set the security filtering to specific user accounts.
  When I remove myself from the security filtering, and run a GPresult /r I see that the GPO was not applied because it was filtered out: Denied (Security)
  Why isn't the GPO applying when I set it on a security group?
  To make things more interesting, it seems to work if I log onto a different computer as the same user?!? But doesn't work on 90% of the computers.

  > Yes I have tried logging out/in, locking/unlocking, and restarting
  > computers...nothing seems to work...
  How many groups are you a member of? You might suffer kerberos token
  bloating...
  To verify, check
  "whoami /groups"
  against
  "dsquery user -samid %username% | dsget user -memberof -expand"
  All groups in dsquery output also listed in whoami output?
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• Group Policy Preference: Problem Adding Network Locations

  Group Policy Preferences (GPP) do not currently support correctly creating shortcuts in Network Locations/My Network Places the way Windows produces them when you go through the "Add a network location" wizard. Unfortunately, the GPP simply creates a standard shortcut instead of creating a folder that contains target.lnk and desktop.ini (the way the "Add a network location" wizard does).
  I was curious to know when the GPP engine will be updated to correctly add Network Locations the way the "Add a network location" wizard does?
  Thanks.

  Talfr77,
  I would like to know what environment you tried this under.  I made policy like you described on a 2012 domain controller and the resulting shortcut worked fine on windows 8 clients and on the 2012 servers.
   However, the 2008 servers and windows 7 clients didn't work.  They simply got a folder with two files.   It would appear that the format of the target.lnk file may be different between versions of windows.  I took a target.lnk from a
  working shortcut made on a 2008 server and put in on a 2012 server and the result was it not recognizing the shortcut.
  It is also worth noting for anyone who wants to try this method, that in step 2 of Talfr77's directions he says to copy the desktop.ini file using the GPP file copy function to the subfolder with the target.lnk file.  He didn't mention how to accomplish
  that.   You can store the desktop.ini file anywhere on your network as long as the UNC path to it is accessible to the user.  I suggest you store it right in a subfolder of the GPO in the sysvol to keep things tidy.  So that UNC would be the
  source path. (example would be \\domain.local\SYSVOL\domain.LOCAL\Policies\{020DBAF4-2631-4246-8811-DE02F7613959}\desktop.ini) The destination path will be %appdata%\Microsoft\Windows\Network Shortcuts\<Subfolder name>\desktop.ini
  The same goes for his step 3 where you edit the folder attributes.  The folder you want to edit is %appdata%\Microsoft\Windows\Network Shortcuts\<Subfolder name>
  Karl