Freigeben über


Client 發現gpresult 顯示有套用GPO, 但是套用結果還是舊的

分析:

Windows XP SP3 GPO refresh 機制有改變,在進行套用GPO 會將舊的資訊刪除,並產生備份檔案(tempntuser.pol),一但存取其他GPO 套用有問題, 就會rollback, 故此亦為您看到Gpresult 有套用,但是機碼還是舊的

Check userevn log:

USERENV(628.f30) 15:38:40:747 ParseRegistryFile: Entering with <\contoso.comSysVolcontoso.comPolicies{63AF2C73-0180-4582-80FE-84B3870C1245}Machineregistry.pol>.
USERENV(628.f30) 15:38:40:763 SetRegistryValue: Failed to open key <SYSTEMCurrentControlSetServicesUSBSTOR> with 5     < 套用失敗

USERENV(628.f30) 15:38:40:778 ParseRegistryFile: Callback function returned false.
USERENV(628.f30) 15:38:40:794 ParseRegistryFile: Leaving.
USERENV(628.f30) 15:38:40:809 ProcessGPORegistryPolicy: ParseRegistryFile failed.
USERENV(628.f30) 15:38:40:825 ProcessGPORegistryPolicy: Resetting policies set in the current processing cycle.
USERENV(628.f30) 15:38:40:841 ResetPolicies: Entering.
USERENV(628.f30) 15:38:40:856 ParseRegistryFile: Entering with <C:Documents and SettingsAll Usersntuser.pol>.   << 刪除剛才套用的 .POL
:::
USERENV(628.f30) 15:38:46:434 ParseRegistryFile: Leaving.
USERENV(628.f30) 15:38:46:450 ResetPolicies: Leaving.
USERENV(628.f30) 15:38:46:466 ParseRegistryFile: Entering with <C:Documents and SettingsAll Userstempntuser.pol>.    << rollback .POL
USERENV(628.f30) 15:38:46:481 SetRegistryValue: Found comment GPO Name: Local Group Policy.
USERENV(628.f30) 15:38:46:481 SetRegistryValue: AlertLevel => 3  [OK]

Check Event log:    事件檢視器也清楚看到的確套用有錯誤
7/27/2010 下午 03:32:26 4 0 9010 Microsoft Operations Manager NT AUTHORITYSYSTEM  A0412XP
7/27/2010 下午 03:32:32 4 0 1035 MsiInstaller NT AUTHORITYSYSTEM  A0412XP Windows Installer 已重新設定該產品。產品名稱: Configuration Manager Client。產品版本: 4.00.6221.1000。產品語言: 1033。重新設定成功或錯誤狀態: 0。
7/27/2010 下午 03:32:48 1 0 1020 Userenv NT AUTHORITYSYSTEM A0412XP SYSTEMCurrentControlSetServicesUSBSTOR 存取被拒。
7/27/2010 下午 03:32:48 1 0 1096 Userenv NT AUTHORITYSYSTEM  A0412XP \contoso.comSysVolcontoso.comPolicies{63AF2C73-0180-4582-80FE-84B3870C1245}Machineregistry.pol 存取被拒。
7/27/2010 下午 03:34:18 1 0 1020 Userenv NT AUTHORITYSYSTEM A0412XP SYSTEMCurrentControlSetServicesUSBSTOR 存取被拒
7/27/2010 下午 03:34:18 1 0 1096 Userenv NT AUTHORITYSYSTEM  A0412XP \contoso.comSysVolcontoso.comPolicies{63AF2C73-0180-4582-80FE-84B3870C1245}Machineregistry.pol 存取被拒。
7/27/2010 下午 03:34:56 2 52 4356 EventSystem N/A A0412XP COM+ 事件系統無法建立訂閱者 partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1} 的執行個體。CoGetObject 傳回 HRESULT 80070005。
7/27/2010 下午 03:36:40 4 0 12 Communicator N/A A0412XP Communicator has enabled event logging.    Information about failed calls will be sent to the Windows event log. 
7/27/2010 下午 03:38:40 1 0 1020 Userenv NT AUTHORITYSYSTEM A0412XP SYSTEMCurrentControlSetServicesUSBSTOR 存取被拒。
7/27/2010 下午 03:38:40 1 0 1096 Userenv NT AUTHORITYSYSTEM  A0412XP \contoso.comSysVolcontoso.comPolicies{63AF2C73-0180-4582-80FE-84B3870C1245}Machineregistry.pol 存取被拒。
7/27/2010 下午 03:38:57 4 0 1704 SceCli N/A A0412XP 群組原則物件中的安全性原則已經套用成功。

建議做法:

針對套用有問題的 Policy 進行調整, 並解決此問題 Policy 套用問題, 隨後GPO套用才會正確