Try deleting the secedit.sdb file and then reboot the system. We have had to do this in the past. It is located in the C:\winnt\security\database directory.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ben Machin Sent: Monday, February 03, 2003 8:21 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] secedit enforce problems... Hi all, am having a wierd problem which is starting to drive me crazy.. I cannot get GPOs to refresh on a client using the usual: secedit /refreshpolicy xxx_policy /enforce The enforce only works if I do either of the following: 1. Update the policy - so the version number increments. 2. Delete the history entries from HKCU/HKLM. If I do either of these, the policy refreshes as expected (with or without enforce) - otherwise nothing. I am not getting eventlog messages relating to cannot access history - have checked the permissions. I have enabled ful userenv debugging and can see the policy engines working - they just don't seem to take any notice of the enforce... Can anyone shed any light - or has anyone else seen similar? Thanks, Ben List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
