[gptalk] Re: Authentication

  • From: "Alan & Margaret" <Syspro@xxxxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Fri, 22 Sep 2006 23:17:44 +1000


If you look under Machine\Adm Templates\System\Group Policy you will see there 
is  a setting for slow Link detection. This does a ping to the Domain 
controller to determine the line speed.

There are also individual policies for Registry Policy processing, IE 
maintenance etc. You can then set whether these will apply over a slow link.

Be aware though that if the user is always running remotely, they will never 
get the policies applied.

There is also a setting for slow link detection under User\ADM 
templates\System\Group Policy.

 Alan Cuthbertson

 Policy Management Software:-
ADM Template Editor:-
Policy Log Reporter(Free)
  ----- Original Message ----- 
  From: Attardo, Joe 
  To: gptalk@xxxxxxxxxxxxx 
  Sent: Friday, September 22, 2006 10:30 PM
  Subject: [gptalk] Re: Authentication

  Thanks Bart for you feedback. A little more information. We do not use 
roaming profiles. Is there a way I can get the login script to stop running so 
the users are not trying to map drives from remote locations? 
    -----Original Message-----
    From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On 
Behalf Of bart.schillebeeks@xxxxxxxxxx
    Sent: Friday, September 22, 2006 5:57 AM
    To: gptalk@xxxxxxxxxxxxx
    Subject: [gptalk] Re: Authentication


    Logging on to a domain controller in another site shouldn't make a 
difference in GPO processing times as they are in that local site also 
    The gpo processing will check the version and will not apply unless there 
is a difference. 

    What i'm suspecting is that you draw the roaming profile from their "home 
office" share over the wan. 
    Also folder redirection to home folders on their "native" file server will 
slow it down cosiderably. 

    The only way to solve this is to deploy DFS based file shares for home 
folders and profiles. 

    Also make sure you son't delete local cached copies of their profile as 
this will also force GPO settings to reapply completely. 
    Vriendelijke groeten, 
    Kind Regards, 

    Schillebeeks Bart 
    Active Directory Security Consultant 
    Small and Departmental Systems - NT Systems Fortis Bank 
    AD Internet Consulting BVBA

    Any views expressed in this message are those of the individual sender, 
except where the  message states otherwise and the sender is authorised to 
state them to be the views of any  such entity.This Message is in no way 
legally binding and has to be viewed as a personal  opinion of the sender. This 
message reflects in no way the views of FORTIS BANK and its  associates and AD 
internet Consulting BVBA and its  associates. Unless otherwise stated, any 
pricing information given in this message is  indicative only, is subject to 
change and does not constitute an offer to deal at any price  quoted. Any 
reference to the terms of executed transactions should be treated as 
preliminary  only and subject to our formal written confirmation.

    AD Internet Consulting BVBA, Hezemeer 7, 2430 Eindhout-Laakdal 
ON:0470419019  www.adinternet.com  mailto:Sales@xxxxxxxxxxxxxx

    -----Original Message-----
    From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On 
Behalf Of Attardo, Joe
    Sent: Friday, September 22, 2006 11:41 AM
    To: gptalk@xxxxxxxxxxxxx
    Subject: [gptalk] Authentication

    Good Morning, 

    We have many people who travel to other offices as part of their jobs and 
the logon experience when they get there is painfully slow. Is there a way to 
set a policy so if a user authenticates to a domain controller away from their 
"home office" that they will not receive any policies such as a logon script or 
folder redirection.  Any suggestions would be appreciated. 



Other related posts: