Hi all, am having a wierd problem which is starting to drive me crazy..
I cannot get GPOs to refresh on a client using the usual:
secedit /refreshpolicy xxx_policy /enforce
The enforce only works if I do either of the following:
1. Update the policy - so the version number increments.
2. Delete the history entries from HKCU/HKLM.
If I do either of these, the policy refreshes as expected (with or without enforce) -
otherwise nothing.
I am not getting eventlog messages relating to cannot access history - have checked
the permissions.
I have enabled ful userenv debugging and can see the policy engines working - they
just don't seem to take any notice of the enforce...
Can anyone shed any light - or has anyone else seen similar?
Thanks,
Ben
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
