Local group policy not applying (gpresult says its empty, but it's not)
Deleting c:\windows\security\database\secedit.sdb
and rebooting did the trick...
Related videos on Youtube
![Matthias Güntert](https://i.stack.imgur.com/WXyOv.png?s=256&g=1)
Matthias Güntert
Mixing technical obsession with dedication.
Updated on September 18, 2022Comments
-
Matthias Güntert almost 2 years
We are running a strange AD constellation here, where the same logon script is defined within the local group policy on each server (don't ask me for the reason, it wasn't my idea).
Then an (AD-) GPO (lets call it GPO_A) got linked which, besides other things, configured loopback processing to merge mode. GPO_A nor any other GPOs (except the local one) define any user or computer scripts.
Also
Turn off Local Group Policy objects processing
is nowhere defined.After a gpupdate and reboot of the server the mentioned logon script gets executed twice and causes several incidents.
Gpresult /h c:\temp\rsop.html
lists this script twice:As our local GPOs get's configured via an SCCM packet I thought that someone might accidently had run a job and redistributed this package but no, that's not the case (checked the logs).
So I thought the local GPO might have became somehow corrupted and therefor resetted it using the following procedure:
CMD> secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose CMD> RD /S /Q "%WinDir%\System32\GroupPolicyUsers" CMD> RD /S /Q "%WinDir%\System32\GroupPolicy" CMD> gpupdate /force & shutdown /R /T 0
Then I manually reconfigured the user logon script and now nothing get's executed anymore... (yes, rebooted, yes gpupdate'd /force).
Can someone please shed some light on this? What am I doing wrong here?
-
peterh about 9 yearsYou can accept your own answer, too, and this is what I suggest to do.