| Author | Messages | |
john.vanmeter
Posts:41
 | | 08/06/2010 3:57 PM |
| I have created a Group Policy Perferences under User Configuration |
Windows Settings | Registry.
I've created a test registry key under the General Tab
Action is - Create
Hive is - HKLM
Key Path - Software\clientname
Value Name - GPPCSE
Value Type - Reg_SZ
Value Data - DoesItWork
This all works fine, the problem i'm seeing is when i change to the Common Tab
and Check Item level Targetting,
click the Targeting button, select new Item and scroll down to User
For the lack of a better title I click the object picker button, then
in the select user windows I want to change the location to a child
domain so I select the location button. The onnly options I see are
the the local maachine name and the domain that the AGPM 4.0 server is
a member of.
Is there something I'm missing or that I need to configure?
Thank Everyone in advanced.::John
| | | |
| jeromelcruz
Posts:120
| | 08/06/2010 3:59 PM |
| I can confirm at least 'similar' behavior in two recent examples. My workaround was to make a setting in it to get the appropriate XML data into the XML file for that extension. Then I had to manually edit the XML and test, test, test. I also made darn sure that I commented the preference thoroughly (any future edits would re-write the wrong thing). The interface I was using was the 'Local Users and Groups' extension.
In one case, I wanted to add an account from a one-way trusted forest to the local Administrators group on a bunch of devices and the interface was failing to allow the browse. Resolution: I added a local account, edited the XML to point to the other forest's account, tested, and voila, it worked.
In the other case, I wanted to add the local Administrator's account to a security group, however since the local Administrators account typically has a unique SID on each device, the interface wouldn't take the text 'Administrator' and in each case substituted the SID of the local account in the XML file. Obviously, this would make the GPO applicable to only a single device. Resolution: I added the account, edited the XML to replace the SID with the text 'Administrator', tested, and voila, it worked on multiple devices.
Summary: I believe that MS may need to do more work/testing on this part of the interface.
Jerry Cruz | Group Policies Product Manager | Windows Server and Infrastructure Architecture | Boeing IT
-----Original Message-----
From: xxxxxxxxxxxxxxxx [mailto:xxxxxxxxxxxxxxxx] On Behalf Of Darren Mar-Elia
Sent: Wednesday, June 02, 2010 9:43 AM
To: xxxxxxxxxxxxxxxx
Subject: RE: [gptalk] Group Policy Perferences for Users
John-
I just tested this in a multi-domain environment I have here and am seeing the same thing, which strikes me as a bit weird. I would guess it's a bug or oversight, but perhaps others can confirm as well...
Darren
-----Original Message-----
From: xxxxxxxxxxxxxxxx [mailto:xxxxxxxxxxxxxxxx] On Behalf Of John van Meter
Sent: Wednesday, June 02, 2010 7:23 AM
To: xxxxxxxxxxxxxxxx
Subject: [gptalk] Group Policy Perferences for Users
I have created a Group Policy Perferences under User Configuration |
Windows Settings | Registry.
I've created a test registry key under the General Tab
Action is - Create
Hive is - HKLM
Key Path - Software\clientname
Value Name - GPPCSE
Value Type - Reg_SZ
Value Data - DoesItWork
This all works fine, the problem i'm seeing is when i change to the Common Tab
and Check Item level Targetting,
click the Targeting button, select new Item and scroll down to User
For the lack of a better title I click the object picker button, then
in the select user windows I want to change the location to a child
domain so I select the location button. The onnly options I see are
the the local maachine name and the domain that the AGPM 4.0 server is
a member of.
Is there something I'm missing or that I need to configure?
Thank Everyone in advanced.::John
| | | |
| omar
Posts:75
| | 08/06/2010 3:59 PM |
| Hmmm that is strange but I wonder if it is by design to reduce cross domain lookups and the such.
So I assume that you are applying this policy to a site or are you linking the policy cross domain?
I would suggest that unless this is a site linked GPO- that you copy that GPO to the child domain, set the focus of the GPMCconnect to a DC in that child domain and then set your item level targetting.
I havent done too much with AGPM myself other than install and test for the revision functionality- so if there is something I am missing here- sorry.
Omar
________________________________________
From: xxxxxxxxxxxxxxxx [xxxxxxxxxxxxxxxx] On Behalf Of Darren Mar-Elia [xxxxxxxxxxxxxxxx]
Sent: Wednesday, June 02, 2010 9:43 AM
To: xxxxxxxxxxxxxxxx
Subject: RE: [gptalk] Group Policy Perferences for Users
John-
I just tested this in a multi-domain environment I have here and am seeing the same thing, which strikes me as a bit weird. I would guess it's a bug or oversight, but perhaps others can confirm as well...
Darren
-----Original Message-----
From: xxxxxxxxxxxxxxxx [mailto:xxxxxxxxxxxxxxxx] On Behalf Of John van Meter
Sent: Wednesday, June 02, 2010 7:23 AM
To: xxxxxxxxxxxxxxxx
Subject: [gptalk] Group Policy Perferences for Users
I have created a Group Policy Perferences under User Configuration |
Windows Settings | Registry.
I've created a test registry key under the General Tab
Action is - Create
Hive is - HKLM
Key Path - Software\clientname
Value Name - GPPCSE
Value Type - Reg_SZ
Value Data - DoesItWork
This all works fine, the problem i'm seeing is when i change to the Common Tab
and Check Item level Targetting,
click the Targeting button, select new Item and scroll down to User
For the lack of a better title I click the object picker button, then
in the select user windows I want to change the location to a child
domain so I select the location button. The onnly options I see are
the the local maachine name and the domain that the AGPM 4.0 server is
a member of.
Is there something I'm missing or that I need to configure?
Thank Everyone in advanced.::John | | | |
|
|