Jim, I have looked at this, and this is not configured. In fact, there are no local GPO's configured in either the Computer or User Configuration containers. Thanks for the idea. I will look into the permissions further. Anyone else? Thanks, Chris -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Hathaway Sent: Monday, December 23, 2002 10:23 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Interesting GPO problem. Chris,=20 Try this on each of your TS servers.=20 Go to Run, type MMC. From the MMC console, select console, add / remove snap-in. Select Add, select 'group policy' choose the default of 'local computer', select finish, then close all other option pages to get back to the MMC.=20 From the local machine policy snap in, select 'computer configuration', administrative templates, system, group policy. Select your 'user group policy processing mode, to 'replace'. Once this is done, close out the MMC, go to a command line and type the following: secedit /refreshpolicy Machine_Policy /enforce Then try having users log-in. Essentially, this process forces the loopback processing mode on the local machine, which then allows the AD policies to apply properly.=20 If you still have problems, I would re-evaluate the permissions on the policies you've placed on the OU.=20 HTH J=20 -----Original Message----- From: Chris Lynch [mailto:lynch00@xxxxxxx]=20 Sent: Monday, December 23, 2002 10:12 AM To: TheThin. net Cc: clynch@xxxxxxxxxxxxxxxxxxx; jdurbin@xxxxxxxxxxxxxxxxxxx Subject: [THIN] Interesting GPO problem. I have come across a weird problem that I was hoping someone has seen before. Basically, I have upgraded a clients domain from NT4 to Windows 2000 Active Directory. There were legacy NT 4 Policies that were being applied to the Windows 2000 MF Xpe servers. They are running SP2, and FR1 at the moment. Basically what is going on is the NT 4 policies stopped working after the upgrade. They were custom made ADM files, and were specified within the registry on the Terminal Servers were to get the NT 4 policies. After the upgrade, they did stop working, but not a big deal. We have some template GPO's we just put in place. Now, the problem is that with Loopback Processing Mode turned on in ALL of the GPO's, they will not apply either. When examining the GPO's INI files, we found the reg key were Loopback Processing mode is turned on. It's location is HKLM\Software\Policies\Microsoft\Windows\System. This System key is supposed to be there with a value called "UserPolicyMode" (REG_DWORD) with a value of 0x2 specified. This key and value doesn't exist. When we manually put this key in, and have the user log off then back on, the GPO's apply. We copied this key to all of the MF servers, and now on some of them this key is no longer there and causing GPO problems. I have run the GPOTOOL with the verbose switch, and had it check both of their Windows 2000 DC's for any GPO errors, and it came back clean. Now, there are no other DC's (Windows 2000 or NT 4) on the network, and AD replication is working. Anyone have any ideas as to why this is happening, or could shed some light on to this weird problem? Thanks, Chris ***********************************************=20 This Weeks Sponsor: 99point9.com The 99Point9.com Online Tech Support=20 Helpdesk is the one-stop solution for all=20 your server-based computing needs.=20 http://www.99point9.com ************************************************ For Archives, to Unsubscribe, Subscribe or=20 set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm *********************************************** This Weeks Sponsor: 99point9.com The 99Point9.com Online Tech Support Helpdesk is the one-stop solution for all your server-based computing needs. http://www.99point9.com ************************************************ For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm *********************************************** This Weeks Sponsor: 99point9.com The 99Point9.com Online Tech Support Helpdesk is the one-stop solution for all your server-based computing needs. http://www.99point9.com ************************************************ For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm