# server2008 r2, GPO not replicating to XP SP3 client



## jceledon (Apr 25, 2011)

Ok, so my domain controller is a server 2008 R2. my client is a windows xp sp3 both are up to date on updates. now was able to add my xp client to the domaina and it recognizes the domain groups. My problem comes with applying rules through group policy, i have one shared user that i am trying to give modify rights to the C drive on the machines it will be on, but no matter what i do those rights won't replicate.

I have tried making them local domain admins through restricted groups in the the Group policy but it just does not work. tried creating an isolated ou and applying a group policy for that nope.. tried creating an explicit group in AD then applying the GPO to the group.. nothing.. the only thing i am able to do is touch each machine and manually give the domain user rights to the Crive,

now i have been trying to do simple things like disable CTRL + ALT +DEL to log on, and not even that will replicate.. what am i doing wrong?


----------



## jceledon (Apr 25, 2011)

Just to update and clarify a little more.. so it seems that my xp machines are receiving the gpo and supposedly they are being applied yet they are not.. what i mean is that after running gpupdate, i run gporesult and it shows that all settings were applied successfully yet when i check, for this example i am adding that user a regular domain user to the local administrator account. so that would make my account appear under the administrator group in the local users and groups, and also give me visible administrator privildges like access to the c drive needed to run some programs.... and that is what i cannot do.... 

to simplify.. i am not in the local admin group, and no access to c drive even though i should.. 

this is all for a shared user that needs to be able to run a program that needs access to the c drive.

i am a domain admin, when i log in as myself, then i can run the program fine.. it is simply when the restricted user logs on that i can do nothing.. also i also tried that option that lets any level user run programs, but did not work either... only solutions i have found involve touching every machine, and making the shared user a local admin, or giving full control rights to the c drive.. we have deepfreeze so neither is a threat. especially with the users that will be on the machine.. not skilled at all computer wise.. i just want to avoid touching all our machines. 

Thanks Again.


----------



## Dave Atkin (Sep 4, 2009)

Have you installed the Group Policy Preference Client Side Extensions for Windows XP?

See Download details: Group Policy Preference Client Side Extensions for Windows XP (KB943729) 

Dave


----------

