The PRO of that method: Though this can be a con for small offices or for Power Users wanting more autonomy. The CON of this method: Do you want to allow this?
If I don't, users will leave their computers on for 35 days straight. We recently deployed DCs at each of our 11 satellite sites. All connected via MPLS. Each site only has 10 PCs. We've recently discovered that leaving them on for days on end causes issues. I have tried and tried to get this working to no avail.
They are machines. I set the GPO for Windows 7 and up. Normal shutdown - f -r -t -c "Gonna shut down! Trigger is for 2AM with 1 hour stagger. The task is in the task scheduler. And it's scheduled for the next morning at a random time near 2AM, but he next day, nothing happens. AND, there's no result.
It's just rescheduled for the next day. What's interesting is, one server has decided to acknowledge and process the task. It shows it completed successfully, and I received a boot email from that server this morning.
The other servers act like it's not even there. I thought this was related to the "Windows 7 and up" setting because I had a similar problem with the workstations. Initially, I had all of our workstations set to reboot at 2: I decided I wanted them staggered.
And it didn't run. It seemed it was because the new GPO didn't allow for saving credentials. And now I am where I described above. There's nothing in the event log. So, WTF am I missing? Shitty hardware, blah blah.
I'm working with what I can. This is what I have. So with this I will work.
As we grow, I'll certainly replace the DCs with server class hardware. Have you never been forced to deal with the cards you were dealt?
That being said, the GPO works. The scheduled task is present on each server. I can run it on demand. The problem is, it doesn't run via schedule. And it doesn't even show that it tried.
Here's a shot from a server which has the task, but hasn't yet processed it. The "next run" date just keeps incrementing upward: I appreciate everyone's input. I may not agree with all of it, but it certainly is a learning experience and I really am grateful.
Changing the deploy type from "Update" to "create" fixed it. I'm guessing it was a combination of both the staggered start time and the Update GPO flag. It kinda makes sense, because if you are looking at the Scheduled Tasks, and press refresh, the start time changes.
So maybe the start time is constantly randomizing until it hits that trigger time? I dunno, but they all rebooted today.Problem: Currently GPO enabled in AD to lock down DomainIDs so we are not able to edit GPO locally to add local IDs.
So need to find a solution to lock down local IDs without disturbing Domain GPO. How can I achieve this without disturbing the existing Domain GPO.
Dec 04, · Hello, the company was hit by a virus and 7, + entries were created in many users Trusted Sites. We're locking down Trusted Sites, however it appears the entries in the Site to Zone map is adding the entries, not overwriting or removing the bogus entries.
How can I replace the sites in the · Hi, Rickkee, you can do this trough a GPO. Apr 10, · I went through Microsoft's OneDrive troubleshooting guide and wanted to use a policy to add the suggested sites to the IE Trusted Sites zone.
Using your guide I was able to create a new GPO to update 2 registry keys. How to add trusted sites using GPO Trusted web sites are those you trust as safe (such as Web sites that are on your organization's intranet or that come from established companies in .
Jan 23, · As always this isn't a hard-and-fast rule, but it helps immensely with troubleshooting if you have separated the functions.
If you do have separate GPOs for user and computer setting, be sure to disable the half that isn't being used (IE on a User GPO, disable the Computer settings). Each Zone is represented by the number 0 to 4, going from least to most restrictive. 0 is the My Computer zone, 1 is the Intranet sites zone, 2 is the Trusted Sites zone, 3 is the Internet zone, and 4 is the Restricted sites zone.