If it helps, here is how each CSE responds, by default, when a slow link is detected:
CSE Processes on Slow Link? Security Yes IP Security Yes EFS Recovery Yes Wireless Network Yes Administrative Templates Yes Scripts No Folder Redirection No Software Installation No IE Maintenance Yes So if desktop lockdown = administrative templates, you should not be experiencing problems because of the slow link. However, is ICMP enabled between these remote sites and their DCs? If not, then slow link detection will break and no GP processing will occur. That could be what you're seeing. The answer then is to disable slow link detection completely (or enable ICMP). Darren -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tim Hines Sent: Friday, April 15, 2005 6:53 AM To: [email protected] Subject: Re: [ActiveDir] GPO's not getting there What do you mean by "GPO's aren't applied properly on the workstations"? Are you using slow WAN link detection settings for GPO's? That would cause the clients to not process all GPO settings . Even in that scenario the majority of GP Settings apply except for those that are bandwidth intensive. Those would be settings such as folder redirection, logon scripts and application deployment. You should still receive security settings and the settings from administrative templates. Tim ----- Original Message ----- From: "Nicolas Blank" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Friday, April 15, 2005 9:27 AM Subject: [ActiveDir] GPO's not getting there > I have a customer with small links and 1200+ wan sites. Problem I'm having > is that without local DC's GPO's aren't applied properly on the workstations > on logon, and the workstations are not locked down. The customer is not > willing to buy an extra 1200 dc's. Since WAN costs are a bit silly the size > of our pipes seem to be fixed as well. I don't really know how to get around > this without tatooing the registry for the currently loggon on user, but > that wouldn't give me the flexibility needed to achieve complete lockdown > either. > Any ideas around this? > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
