ZCM DLU Policy Not Applying To Win7 Computer

Similar Messages

• DLU policy not applying - Console One won't OK

  I've created a DLU policy that has administrator group rights. When I try
  to associate it to a user I click OK and the the screen stays (doesn't
  close). The button isn't greyed out and an hour glass appears but it does
  nothing. I've tried the reverse - associating the policy from the user -
  with the same results. Tried deleting and recreating both the user and
  policy in different containers.
  Dsrepair shows everything is clean and the tree is synced.
  Single server tree, netware 5.2 sp7, zen 3.2, console one 3.5
  I have other trees exactly the same and do not have this issue....

  Don't really want to apply anymore patches. We did on one install and it
  messed up all our configurations. This is at a school and with the
  students now back I can't afford any down time.
  > Hi
  > Could you try with Zen SP3 on the current 1.3.6c Consoleone if you see
  > the same problem ?
  >
  > --
  > Regards, Kai Reichert
  > Novell Support Forum Sysop
  >
  > People who claim that computers will make life easier for us have
  > obviously never used one.

• DLU policy not applying

  Customer site has been using ZEN for years. User package with DLU has always been associated at the OU levels and has been working for the users just fine.
  Now we're into a new project that requires the user packages to be associated to the individual users, and a non-DLU package associated to the OUs. What we're seeing is roughly 25% of the users are getting the non-DLU policy, even though their associated and effective policy is supposed to be the DLU one.
  Has anyone seen this? Can you tell me why it's happening?
  Thanks in advance,
  A.

  zeffan,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Windows Server 2012 R2 - ALL HF's Failing to install as "Does Not Apply to this computer"

  Hi,
  A general question about hot fix installs.
  I have multiple servers that are all Windows 2012 R2. They do not have internet connections, so I have to install the Hotfixes manually. I download the HF's from the ISO download page (https://support.microsoft.com/en-us/kb/913086) every month. I collect them and install in a bulk install during a release cycle ( a couple times a year). I just realized that NO HF's have installed since JUNE 2014. Every HF that shows up in WindowsServer2012R2 directory fail to install with a message of "The update is not applicable to your computer". Which is fine if that was true, but.... I get this message for every HF from the ISO's since June 2014. NOT one HF thinks it is applicable to my computer. Could that be the case? No HF's apply to my Server 2012 systems since June of 2014?
  This is my system info, and below that is the results from attempting to install 95 HF's.
  C:\TEMP>systeminfo
  Host Name: MYHOST
  OS Name: Microsoft Windows Server 2012 R2 Datacenter
  OS Version: 6.3.9600 N/A Build 9600
  OS Manufacturer: Microsoft Corporation
  OS Configuration: Member Server
  OS Build Type: Multiprocessor Free
  Registered Owner: Windows User
  Registered Organization:
  Product ID: 00252-80025-36226-AA727
  Original Install Date: 6/13/2014, 8:04:39 AM
  System Boot Time: 3/16/2015, 2:34:45 PM
  System Manufacturer: Dell Inc.
  System Model: PowerEdge R720
  System Type: x64-based PC
  Processor(s): 2 Processor(s) Installed.
  [01]: Intel64 Family 6 Model 62 Stepping 4 GenuineInt
  el ~2500 Mhz
  [02]: Intel64 Family 6 Model 62 Stepping 4 GenuineInt
  el ~2500 Mhz
  BIOS Version: Dell Inc. 2.2.2, 1/16/2014
  Windows Directory: C:\Windows
  System Directory: C:\Windows\system32
  Boot Device: \Device\HarddiskVolume1
  System Locale: en-us;English (United States)
  Input Locale: en-us;English (United States)
  Time Zone: (UTC-07:00) Mountain Time (US & Canada)
  Total Physical Memory: 262,099 MB
  Available Physical Memory: 249,337 MB
  Virtual Memory: Max Size: 301,011 MB
  Virtual Memory: Available: 288,015 MB
  Virtual Memory: In Use: 12,996 MB
  Page File Location(s): C:\pagefile.sys
  Domain: mydomain.sgn
  Logon Server: \\MYHOST
  Hotfix(s): 25 Hotfix(s) Installed.
  [01]: KB2862152
  [02]: KB2868626
  [03]: KB2876331
  [04]: KB2888505
  [05]: KB2892074
  [06]: KB2893294
  [07]: KB2893984
  [08]: KB2898785
  [09]: KB2898868
  [10]: KB2898871
  [11]: KB2900986
  [12]: KB2901125
  [13]: KB2901128
  [14]: KB2909210
  [15]: KB2909921
  [16]: KB2912390
  [17]: KB2916036
  [18]: KB2919442
  [19]: KB2922229
  [20]: KB2923392
  [21]: KB2925418
  [22]: KB2930275
  [23]: KB2931358
  [24]: KB2931366
  [25]: KB2936068
  Network Card(s): 6 NIC(s) Installed.
  [01]: Broadcom BCM57800 NetXtreme II 10 GigE (NDIS VB
  D Client)
  Connection Name: ISCSI
  DHCP Enabled: No
  IP address(es)
  [01]: 192.168.1.30
  [02]: fe80::38c9:e59c:5ac2:e0a1
  [02]: Broadcom BCM57800 NetXtreme II 1 GigE (NDIS VBD
  Client)
  Connection Name: NIC3
  Status: Hardware not present
  [03]: Broadcom BCM57800 NetXtreme II 1 GigE (NDIS VBD
  Client)
  Connection Name: MGMT
  DHCP Enabled: No
  IP address(es)
  [01]: 7.48.64.32
  [02]: 7.48.64.30
  [03]: fe80::f14e:9339:9326:c7fd
  [04]: Broadcom BCM57810 NetXtreme II 10 GigE (NDIS VB
  D Client)
  Connection Name: SLOT 5 Port 1_swport_VMRepwan
  DHCP Enabled: Yes
  DHCP Server: N/A
  IP address(es)
  [05]: Broadcom BCM57800 NetXtreme II 10 GigE (NDIS VB
  D Client)
  Connection Name: NIC2
  Status: Hardware not present
  [06]: Broadcom BCM57810 NetXtreme II 10 GigE (NDIS VB
  D Client)
  Connection Name: SLOT 5 Port 2_swport_VMOpswan
  DHCP Enabled: Yes
  DHCP Server: N/A
  IP address(es)
  Hyper-V Requirements: A hypervisor has been detected. Features required for
  Hyper-V will not be displayed.
  I have a script that runs each HF install.. If I run them manually without the tool I get the same results so it is not the script..
  Installing 95 patches
  for Microsoft Windows Server 2012 R2 Datacenter x64
  Repository path: U:\Patch Repository_4_1\2012_R2_HFs\
  1. Windows8.1-KB2894852-v2-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  2. Windows8.1-KB2894856-v2-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  3. Windows8.1-KB2920189-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  4. Windows8.1-KB2926765-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  5. Windows8.1-KB2928120-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  6. Windows8.1-KB2931358-x64.msu patch status: ALREADY INSTALLED - SKIPPING
  7. Windows8.1-KB2931366-x64.msu patch status: ALREADY INSTALLED - SKIPPING
  8. Windows8.1-KB2933826-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  9. Windows8.1-KB2939576-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  10. Windows8.1-KB2953522-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  11. Windows8.1-KB2957151-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  12. Windows8.1-KB2957189-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  13. Windows8.1-KB2957689-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  14. Windows8.1-KB2961072-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  15. Windows8.1-KB2961887-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  16. Windows8.1-KB2962872-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  17. Windows8.1-KB2964718-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  18. Windows8.1-KB2964736-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  19. Windows8.1-KB2965788-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  20. Windows8.1-KB2966072-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  21. Windows8.1-KB2966826-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  22. Windows8.1-KB2966828-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  23. Windows8.1-KB2971850-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  24. Windows8.1-KB2972213-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  25. Windows8.1-KB2972280-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  26. Windows8.1-KB2973114-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  27. Windows8.1-KB2973201-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  28. Windows8.1-KB2973351-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  29. Windows8.1-KB2974008-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  30. Windows8.1-KB2976627-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  31. Windows8.1-KB2976897-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  32. Windows8.1-KB2977292-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  33. Windows8.1-KB2977629-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  34. Windows8.1-KB2978668-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  35. Windows8.1-KB2982794-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  36. Windows8.1-KB2982998-v2-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  37. Windows8.1-KB2987107-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  38. Windows8.1-KB2987114-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  39. Windows8.1-KB2988948-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  40. Windows8.1-KB2992611-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  41. Windows8.1-KB2993651-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  42. Windows8.1-KB2993958-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  43. Windows8.1-KB3000061-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  44. Windows8.1-KB3000483-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  45. Windows8.1-KB3000869-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  46. Windows8.1-KB3001237-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  47. Windows8.1-KB3002657-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  48. Windows8.1-KB3002885-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  49. Windows8.1-KB3003057-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  50. Windows8.1-KB3003381-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  51. Windows8.1-KB3003743-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  52. Windows8.1-KB3004150-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  53. Windows8.1-KB3004361-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  54. Windows8.1-KB3004365-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  55. Windows8.1-KB3005607-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  56. Windows8.1-KB3006226-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  57. Windows8.1-KB3008923-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  58. Windows8.1-KB3008925-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  59. Windows8.1-KB3010788-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  60. Windows8.1-KB3011780-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  61. Windows8.1-KB3013126-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  62. Windows8.1-KB3013455-v2-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  63. Windows8.1-KB3014029-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  64. Windows8.1-KB3018943-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  65. Windows8.1-KB3019215-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  66. Windows8.1-KB3019978-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  67. Windows8.1-KB3020393-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  68. Windows8.1-KB3021674-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  69. Windows8.1-KB3021952-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  70. Windows8.1-KB3023607-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  71. Windows8.1-KB3036197-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  72. Windows8.1-KB3021953-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  73. Windows8.1-KB3022777-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  74. Windows8.1-KB3023266-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  75. Windows8.1-KB3023562-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  76. Windows8.1-KB3024663-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  77. Windows8.1-KB3029944-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  78. Windows8.1-KB3030377-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  79. Windows8.1-KB3031432-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  80. Windows8.1-KB3032323-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  81. Windows8.1-KB3032359-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  82. Windows8.1-KB3040335-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  83. Windows8.1-KB3033408-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  84. Windows8.1-KB3033889-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  85. Windows8.1-KB3034196-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  86. Windows8.1-KB3034344-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  87. Windows8.1-KB3035017-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  88. Windows8.1-KB3035034-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  89. Windows8.1-KB3035126-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  90. Windows8.1-KB3035131-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  91. Windows8.1-KB3035132-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  92. Windows8.1-KB3037634-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  93. Windows8.1-KB3039066-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  94. Windows8.1-KB3044132-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  95. Windows8.1-KB3046049-x64.msu patch status: DOES NOT APPLY TO THIS COMPUTER
  Thanks,
  Dave
  

  Hi Dave,
  Would you please check CBS lg file and other relevant event logs if find more clues? On current situation, please refer to following article and check if can help you.
  Update is not applicable to your computer- but it is
  Best regards,
  Justin Gu
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Good evening I would please help me, IGood evening I would please help me, I have problems with flash player when update on my computer Flash Player for windows 8, gives me error in the installation that is not apply on my computer. Please help. Thank You

  Good evening I would please help me, IGood evening I would please help me, I have problems with flash player when update on my computer Flash Player for windows 8, gives me error in the installation that is not apply on my computer. Please help. Thank You

  First, confirm that ActiveX Filtering is configured to allow Flash content:
  https://forums.adobe.com/thread/867968
  Internet Explorer 11 introduces a number of changes both to how the browser identifies itself to remote web servers, and to how it processes JavaScript intended to target behaviors specific to Internet Explorer. Unfortunately, this means that content on some sites will be broken until the content provider changes their site to conform to the new development approach required by modern versions of IE.
  You can try to work around these issues by using Compatibility View:
  http://windows.microsoft.com/en-us/internet-explorer/use-compatibility-view#ie=ie-11
  If that is too inconvenient, using Google Chrome may be a preferable alternative.

• Win7 Computer Config group policy not applying

  Hi all: I am having a bit of trouble getting a Computer Configuration group policy to apply in Windows 7 using ZCM 11.2.3. I have two group policies, one for User Configuration settings and the other for Computer Configuration settings. User Config GP is associated with users and Computer Config GP is associated with Workstations. ZCM shows both policies as being successfully applied. Yet, if I run rsop.msc to generate a resultant GP set, all Computer Config settings show up as undefined.
  I have used this same technique in XP for many years without issue. I suspect the User Config GP is overwriting all GP settings as it is the last to be applied, but since that policy is ONLY for User Config settings I do not see how. Can someone show me the "errors of my ways"?
  Thanks a bunch, Chris.

  I have an identical policy setup - a policy wherein "Computer configuration" is checked and configured (I don't even touch the User related settings) and is applied to workstations as well as a second policy with "User configuration" checked and configured (as with the computer policy, I don't touch the Computer related policy in this User policy) and applied to users. I set it up that way because I want general settings specific to our environment to exist and be effective for all users including IT staff in the Computer policy. I then want to restrict users within the User Policy. I have no Active Directory.
  The computer settings apply intermittently with no rhyme or reason, which makes it difficult to troubleshoot. I have Internet Zone Assignments configured in the Computer policy, so specific users have problems when this policy is not effective which is how I became aware of the problem. I found that I can run "gpudate /force" as the user and the computer policy becomes effective, which is what I do most of the time since it's a quick fix and I can move on to other things. I've tried changing the order the policies are applied. I am considering creating a single policy with both computer and user settings and associating it with users in hopes that it will always apply, but thought I'd check out the forum before doing so. ZCM 11.2.3 and Windows 7.

• 11.2.3 security policy not applying

  This was in another post felt it need its on post and subject.
  11.2.3 has help, but now on device that have 11.2.3 the security policy is
  not applying. I have 4 device I'm testing on one was a clean instill of
  11.2.3 the other 3 were upgraded, out of all 4 only one the security policy
  is applying right. Where would the security policy be store when it is
  applied to a device. Is their a better way to apply security policy.
  I found that the gpttmpl.inf file is not being copy to the
  [C:\Windows\System32\GroupPolicy\Machine\Microsoft\ Windows NT\SecEdit]
  folder and did confirm that it is in the zcm meachine cache folder
  [C:\Program Files
  (x86)\Novell\ZENworks\bin\handlers\CacheFiles\Work stationCache\GroupPolicy\M
  achine\Microsoft\Windows NT\SecEdit]. I manual copy it to the SecEdit
  folder
  logged off back on and then did get the Security Options Settings set
  properly.
  So why is it not copying it over, the Registry.pol file is and all other
  group policy are working (so far). And on the one computer that Security
  Options is working right on and running 11.2.3 the gpttmpl.inf is not in
  the
  [C:\Windows\System32\GroupPolicy\Machine\Microsoft\ Windows NT\SecEdit]
  folder ether and I have checked computers that are still on 11.2.0 and the
  Security Settings are applied but the gpttmpl.inf file in not in the
  [C:\Windows\System32\GroupPolicy\Machine\Microsoft\ Windows NT\SecEdit]. Is
  ZEN suppose to copy gpttmpl.inf to the system32 group policy folder and if
  so can this be fix? I really need Security Settings to apply.
  Hope this makes sense.
  And I have this problem on both 32 & 64 bit windows 7
  I don't know if this affects Windows XP because I don't have any Security
  Settings for XP set.
  Thanks
  Scott

  Well I found this in the ZCM troubleshooting guide with the help of google
  [When more than one Windows Group policy is applied to a device, the
  security settings of the last applied policy are effective on the device.].
  I have all ways had device first user last sense 10.3.3 - 11.2.0 and the
  security policy did apply, at lease with WIN7. So on my test machines I
  change it to user fist device last and now the security policy now works
  with 11.2.3, but I still have to have a bundle to run gpupdate /force at
  user login. If I done have the bundle to run the device group policy does
  not apply sometime, I don't mine to have the bundle to run just why with
  win7 is does not apply with out it and XP does with out it.
  Also why does it not copy the gpttmpl.inf to
  [C:\Windows\System32\GroupPolicy\Machine\Microsoft\ Windows NT\SecEdit]
  directory?
  >>> On Friday, March 15, 2013 at 12:34 PM, in message
  <[email protected]>, Scott Malugin<[email protected]> wrote:
  > This was in another post felt it need its on post and subject.
  >
  >
  > 11.2.3 has help, but now on device that have 11.2.3 the security policy
  > is
  > not applying. I have 4 device I'm testing on one was a clean instill of
  > 11.2.3 the other 3 were upgraded, out of all 4 only one the security
  > policy
  > is applying right. Where would the security policy be store when it is
  > applied to a device. Is their a better way to apply security policy.
  >
  >
  > I found that the gpttmpl.inf file is not being copy to the
  > [C:\Windows\System32\GroupPolicy\Machine\Microsoft\ Windows NT\SecEdit]
  > folder and did confirm that it is in the zcm meachine cache folder
  > [C:\Program Files
  > (x86)\Novell\ZENworks\bin\handlers\CacheFiles\Work stationCache\GroupPoli
  > cy\M
  >
  > achine\Microsoft\Windows NT\SecEdit]. I manual copy it to the SecEdit
  > folder
  > logged off back on and then did get the Security Options Settings set
  > properly.
  >
  > So why is it not copying it over, the Registry.pol file is and all other
  > group policy are working (so far). And on the one computer that Security
  > Options is working right on and running 11.2.3 the gpttmpl.inf is not in
  > the
  > [C:\Windows\System32\GroupPolicy\Machine\Microsoft\ Windows NT\SecEdit]
  > folder ether and I have checked computers that are still on 11.2.0 and
  > the
  > Security Settings are applied but the gpttmpl.inf file in not in the
  > [C:\Windows\System32\GroupPolicy\Machine\Microsoft\ Windows NT\SecEdit].
  > Is
  > ZEN suppose to copy gpttmpl.inf to the system32 group policy folder and
  > if
  > so can this be fix? I really need Security Settings to apply.
  >
  > Hope this makes sense.
  >
  > And I have this problem on both 32 & 64 bit windows 7
  > I don't know if this affects Windows XP because I don't have any
  > Security
  > Settings for XP set.
  >
  >
  > Thanks
  > Scott

• Default Domain Policy Not Applying Settings to Servers or Clients

  I have 2008 R2 DC's with a functioning level of 2003.  Our domain servers are a mix of 2003, 2008, 2008 R2, and 2012 and our clients are a mix of Windows 7 Pro and Windows 8.1 Pro.
  I recently made a change to the Default Domain Policy located at Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options
  For the Security Policy setting called: Network security: Configure encryption types allowed for Kerberos
  The change was to enable DES because of a specific need that I have with an application that I work with but enabling DES and leaving the other options such AES unselected caused other applications to not work right.  I decided to revert the changes
  back to "Not Defined" but those changes did not reflect on the servers even after running the gpupdate /force command.
  In order to keep the application working that broke, we enabled all of the encryption levels such as DES, AES, etc. on the server that's running the application via it's Local Security Policy as a temporary fix.
  Now, I want to make sure all servers receive the settings from the Default Domain Policy and have their Local Security Policies reflect the "Not Defined" setting but it's not applying.  It seems like they worked when I first applied them but
  when I try to remove them it does not work.
  If I change the setting directly on the Local Security Policy on the server or clients it shows "No minimum" instead of "Not Defined" which I've heard can be fixed by identifying the registry entry for that setting and deleting it...so
  help with the location and how to identify that key would also be helpful.
  My goal is not to manually have to change servers and clients to revert back to their default settings...I want the Domain policy to apply and override the servers and client's Local Security Policy.
  Any help with this would be greatly appreciated and thank you in advance.

  I have 2008 R2 DC's with a functioning level of 2003.  Our domain servers are a mix of 2003, 2008, 2008 R2, and 2012 and our clients are a mix of Windows 7 Pro and Windows 8.1 Pro.
  I recently made a change to the Default Domain Policy located at Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options
  For the Security Policy setting called: Network security: Configure encryption types allowed for Kerberos
  refer:
  http://technet.microsoft.com/en-us/library/jj852180(v=ws.10).aspx
  We needed to implement a similar scenario a few years ago (when we introduced Windows7 into our estate).
  We had an SAP/NetWeaver implementation which always worked on WinXP, but failed on Win7.
  We had to enable the DES ciphers, since those were disabled by default in Win7. We discovered that we also needed to enable all the other ciphers (those which are enabled by default[not configured]).
  i.e., when we changed the setting from "Not Configured", enabled DES, and left the RC4/AES stuff untouched by us, the RC4/AES stuff attracted a status of disabled.
  So, we had to set the DES ciphers to Enabled, and, also set the RC4/AES ciphers to Enabled - this gave us the "resultant" enablement of the default stuff and the needed change/addition of DES.
  When you set a GP setting "back to Not Configured", depending upon the setting *AND* the individual Windows feature itself - one of two things will happen:
  a) the feature will "revert" to default behaviour
  b) the feature will retain the current configured behaviour but becomes un-managed
  In classic Group Policy terms, condition (b) above is often referred to as "tattooing", i.e., the last GP setting remains in effect even though GPMC/RSOP/etc does not reveal that to be the case.
  (This is also a really good example of not doing this sort of stuff in the DDP. It could have borked your whole domain :)
  What I'd suggest, is that you re-enable your ciphers for KRB settings again - this time, enable all the ciphers that would normally be "default", let that replicate around, and allow time for domain members to action it.
  Then, set the setting back to Not Configured. This way, the "last" settings issued by GP will be those you want to remain as the "legacy".
  Note: the GP settings reference s/sheet, has this to say:
  Network security: Configure encryption types allowed for Kerberos
  This policy setting allows you to set the encryption types that Kerberos is allowed to use.
  If not selected, the encryption type will not be allowed. This setting may affect compatibility with client computers or services and applications. Multiple selections are permitted.
  This policy is supported on at least Windows 7 or Windows Server 2008 R2.
  Don
  (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
  This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

• Group Policy not applying after logoff \ logon

  We've noticed during testing an issue around Local Group Policy applied via ZCM...
  - user A logs in, policy applies correctly (folder redirection, taskbar settings etc)
  - user A logs off
  - user B logs in, policy applies correctly
  - user B logs off
  - user A logs in again, policy does not apply
  The only way to get policy to apply again for user A is to either reboot or delete the local profile for the user manually
  A few other details...
  - Windows 7 SP1 Enterprise x86
  - DLU Policy applied (non volatile user)
  - user does not have admin rights (in the Users+ group)

  gshaw0,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://forums.novell.com/

• Windows 2008 R2 group policy not applied to windows 8 Workstations, but applied to XP and Win 7

  I have a Windows 2008 R2 Domain Controllers and have a Policy to put a specify wallpaper, eventuality i have to change the Wallpaper, this setting applied sucesfully in Windows xp and Windows 7 workstations, but not applied in Windows 8 workstations even
  if i run gpupdate /forcé,
  Best Regards,
  Thank you

  Hi,
  Thanks for posting in the forum.
  Before going further, would you please let me know how did you configure the Group Policy setting to deploy the wallpaper? Have you configured some settings to limit the scope the GPO applying?
  If all Windows 8 machines failed to receive the GPO settings? In order to narrow down the cause of the issue, I suggest we could try to collect the following information for troubleshooting.
  GPMC.log
  ==================
  a. On domain controller, click Start ->Run, type GPMC.MSC, it will load the GPMC console.
  b. Right click on "Group Policy Result" and choose wizard to generate a report for the problematic computer and user account (please place appropriately). (Choose computer and select the proper
  user in the wizard)
  c. Right click 
  the resulting group policy result and click the "Save Report…" => save report to save the report to a HTML file.
  Once we get the report, please check if the settings have been applied to the target correctly.
  In addition, would you please let me know whether you have imported the latest Windows 8 Administrative Templates to the Windows Server 2008 DC? If not, please try to download and import it.
  Then try to configure the wallpaper GPO settings again to see if it could help.
  For details, please refer to the following articles.
  Administrative Templates (.admx) for Windows 8 and Windows Server 2012
  http://www.microsoft.com/en-us/download/details.aspx?id=36991
  Set Desktop Background via Group Policy in Windows 7, Windows 8 in a Server 2008 or Server 2012 Domain
  http://dizzyit.com/2013/04/14/set-desktop-background-group-policy-windows-7-windows-8-server-2008-server-2012-domain/
  Hope this helps.
  Best Regards,
  Andy Qi
  TechNet Subscriber Support
  If you are
  TechNet Subscription user and have any feedback on our support quality, please send your feedback
  here.
  Andy Qi
  TechNet Community Support

• Group Policy not Applying

  Currently we are running ZfD 7 and Netware 6.5 and have recently upgraded all our workstations to Windows XP Service Pack 2. Our tree structure consists of an OU for each school level, elementary, middle, and high, and an OU for each school in that respective level. Example:
  Elementary
  West Main
  South Main
  Middle
  Brown Middle
  The current contents in each School OU have users, groups, policies, ect. Previously policy was applied by a workstation policy package that distributed all policies: user, machine, and security which were associated with the School OU. Now we split the policy into workstation packages and a user packages. The goal was to have the workstation apply the machine and security policy and the user policy to apply user settings and create dynamic the local user account.
  The workstation policy remains persistent on the workstation while the user policy creates a local user (non-volatile) and applies the user policy from a server path depending on group membership. We have four different user policy packages: Student, Teacher, Specialist and Technology. Each with there own group policy user configuration. Everyone in our Tree has the appropriate permissions to access the policies. We configure the user policy package as follows:
  Policies  Windows XP
  Enabled Dynamic Local User
  Enabled Windows Group Policy
  Workstation Manager
  Network Location
  \\serverpath
  Checked User Configuration
  Policy Schedule
  User Desktop is active
  Advanced Schedule
  Impersonation
  Interactive User
  Associations
  Groups (Teachers, Students)
  I can get the workstation policy to apply with no problem. The problem comes when a users logs on. It doesnt matter if a new user is being created or if they are simply just switching users. User group policy doesnt apply randomly. The strange thing is it does copy down to the machine. If I connect to the admin share on a newly imaged workstation (with no policy applied) and open c:\windows\system32\ you see the creation of GroupPolicy.Usercache Folder and it copies to the GroupPolicy Folder which is were it applies policy from. Also you can see policy dynamically changing if different users logs on. The Registry.pol updates in the c:\windows\system32\ GroupPolicy.Usercache\User folder and c:\windows\system32\ GroupPolicy \User Sometimes group policy applies and sometimes it does not. When a user logs on you see the policy that was copied down apply. For example the run option is taken away from the start menu. During the log on process this remains in effect but when the process completes its almost like policy is take away. When this occurs I can run WMSCHED.Exe and reapply the user policy and it will apply sometimes. I tried applying group policy through both groups and organizational units. Both with the same results. I was wondering if anyone has had issues with applying group policy with ZEN or if I am doing this incorrectly. Any help would be much appreciated. Thanks.

  rscurr,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Windows WiFi Import Policy not applying

  Quoting from the following TechNet article:
  https://technet.microsoft.com/en-us/library/dn818903.aspx?f=255&MSPPError=-2147217396
  Additionally, for devices that run Windows 8.1 and later, you can import a Wi-Fi configuration profile that was previously exported
  to a file.
  It is not quite clear to me what "devices that run Windows 8.1" are supposed to include. I took it to include Windows 8.1 (Enterprise)
  clients with the Intune Agent installed. However when I create an Windows WiFi Import policy and apply this to a group which contains a windows 8.1 notebook the policy is not applied. 
  It does not seem to be that the policy
  failed, it does not seem to be applied at all. When checking the policy log it states that 4 policies have been found an applied, which are the default set: Hardware inventory, Software inventory, Intune Center Policy and Intune Agent policy.
  So is this supposed to work?
  On a related note: The article linked above states you can export the Wlan policy to include in a Windows WiFi import policy with the following command:
  netsh wlan export profile MyConnection
  Is this not supposed to have an added key=clear argument? I understood that the password encryption used in the export (without key=clear) is only decryptable by the machine on which the export was made. But I may misremember..

  Hello Andre,
  >>
  It is not quite clear to me what "devices that run Windows 8.1" are supposed to include. I took
  it to include Windows 8.1 (Enterprise) clients with the Intune Agent installed. However when I create an Windows WiFi Import policy and apply this to a group which contains a windows 8.1 notebook the policy is not applied. 
  It does not seem to be that the policy failed, it does not seem to be applied at all. When checking the policy log it
  states that 4 policies have been found an applied, which are the default set: Hardware inventory,
  Software inventory, Intune Center Policy and Intune Agent policy.<<
  This works when you manage devices with Win 8.1 via OMA-DM agent. This policy won't work for Win 8.1 devices with Intune
  ("fat") client.
  Примечание:Сообщения предоставляются "КАК ЕСТЬ" без каких-либо гарантий,выраженных или подразумеваемых | Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied

• Power Manager - no new profiles, group policy not applying

  Hi there!
  Having an issue with power manager (latest version, downloaded today) on Vista on a T61.  The first problem is that I cannot create a power profile.  If I hit New on the advanced page and fill all the stuff out, the named power plan does not show up.  It's like I never did it.
  The second issue is that group policy doesn't seem to apply, either.  I tried to create a new power policy through AD using the GPO available for download.  All the settings are filled out, it's named, and it doesn't show up.
  For those concerned that the group policy is mucking up the ability to create a new one through the UI, that was the behavior before the group policy was set up.
  rsop.msc shows definitively that the policy is applying to this machine.
  Does anyone have any hints?
  Thank you!

  rscurr,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• DLU policy not allowing user to unlock

  ZCM 11.2.2
  SLES11SP2
  eDir 8.7
  Win7 x86 and x64 workstations
  I am currently deploying a test environment to about 6 Win7 machines - a mix of x86 ans x64 machines.
  On several of the x86 machines if it locks due to inactivity the currently logged on user is not being allowed to unlock the workstation. Error received is "This computer is locked. Only the logged on user can unlock". It is not across the board but just a few. We are getting the Novell login box but it will not unlock even though it is the same user that originally logged on prior to locking.
  If the policy is removed from that machine it seems to function fine.
  I have set the NIC power management to not allow the computer to turn the NIC off to save power and the result is the same.
  Any guidance would be appreciated.

  I don't have the foggiest on how DLU could relate to this issue.
  I've never head that before.
  I would recommend also asking in the Client Forums.
  You may want to try disabling all Power Mgmt Features.
  Have you tried changing it over to the local Windows User to try and
  unlock the account? ( I presume you can do this in Win7, that used to
  work for XP when this happened.)
  On 3/7/2013 4:36 PM, usfsoyer wrote:
  >
  > ZCM 11.2.2
  > SLES11SP2
  > eDir 8.7
  > Win7 x86 and x64 workstations
  >
  > I am currently deploying a test environment to about 6 Win7 machines -
  > a mix of x86 ans x64 machines.
  >
  > On several of the x86 machines if it locks due to inactivity the
  > currently logged on user is not being allowed to unlock the workstation.
  > Error received is "This computer is locked. Only the logged on user can
  > unlock". It is not across the board but just a few. We are getting the
  > Novell login box but it will not unlock even though it is the same user
  > that originally logged on prior to locking.
  >
  > If the policy is removed from that machine it seems to function fine.
  >
  > I have set the NIC power management to not allow the computer to turn
  > the NIC off to save power and the result is the same.
  >
  > Any guidance would be appreciated.
  >
  >
  Craig Wilson - MCNE, MCSE, CCNA
  Novell Knowledge Partner
  Novell does not officially monitor these forums.
  Suggestions/Opinions/Statements made by me are solely my own.
  These thoughts may not be shared by either Novell or any rational human.

• Password policy not applying properly

  I have set password policy for my domain that
  Maximum age: 60days
  Minimum age is: 45days
  but I get messages every week that passwords would expire in 4 days
  I checked using rsop.msc and policy seems to be correctly applied.
  what could be the problem?

  > Maximum age: 60days
  > but I get messages every week that passwords would expire in 4 days
  If your GPO is applied correctly, this simply means that the last
  password change was 56 days ago.
  > I checked using rsop.msc and policy seems to be correctly applied.
  On the client? Your user is not a local user on the client, but most
  probably a domain user. So you need to check RSoP.msc on the PDC
  emulator, not on the client.
  > what could be the problem?
  You forgot to link your password policy to the domain, and after doing
  so, make sure you move it upwards above the existing "default domain
  policy". In the security filter, add at least "Domain Controllers" -
  better leave "Authenticated Users". And finally, do not block
  inheritance on the "domain controllers" OU.
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))