What we basically want is to make it possible for the administrator (Admin), from a central location (Admin workstation), to update policies on Computer1, Computer2 and/or Computer3 – and the user policies for User A, B and C – whenever the admin finds it necessary.

Figure 1: The scenario

We do have the wonderful Gpupdate tool built in to Microsoft Windows XP and newer – and we had Secedit on Windows 2000 systems – but unfortunately, unlike the Gpresult command, both Gpupdate and Secedit only handle updates.

Of course, if we have a deployment system set up already, like Microsoft Systems Management Server (SMS), we could use this system to distribute a small script that executes the necessary command for a group of users or computers.

Firewall trouble: As with any other communication that is initiated from the network, packets that try to update policy settings on remote computers will fail if the remote computer's local firewall (like the one built in to the Windows operating system from Windows XP Service Pack 2 and up) is not configured to allow such incoming traffic (from a given subnet, IP or whatever).

The problem is that by default, the so-called background processing “only” happens every 90 to 120 minutes (randomized) – if we want to force updates to occur right away, we are on our own.

Of course there is a reason why policies do not just update every 5 minutes or ‘real-time’.

The load on Domain Controllers and the network would simply be too much to handle in most environments.

But, if a very important security setting at some point needs to be pushed to a large number of clients “right away”, it’s nice to be prepared for such a situation.

Updating Microsoft Windows Group Policy settings on the local machine is not so hard with a tool such as Gpupdate, but updating these policies on remote domain computers is not possible from within any Microsoft Management Console (MMC) by default or with any Microsoft tool available so far.

In this article we will show some tricks, scripts and free tools that make this task possible – and even easy – for the network administrator.

Most administrators know the problem of forcing Group Policy (GP) processing on remote computers. After configuring an important policy of some kind, we would sometimes like GP processing to occur immediately on client computers.

The built-in Windows firewall must be configured to allow the incoming traffic we want by using a Group Policy Object (GPO), so ironically, such a policy is the only one we definitely cannot force to firewall-enabled remote computers. The policy settings that need to be enabled for all the methods mentioned in this article are the following:

Other firewall devices between the central computer and the remote computers must be configured to comply with the above setting (see Help text on the mentioned policy in GPEDIT.

Administrator rights: The user that initiates the processes on the remote computers must be a local administrator on those machines – or else it’s simply not going to work as expected.

After this is taken care of, let’s look at the free methods we have available.
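
A pre-flight check for the two prerequisites above (firewall and administrator rights), as an added example that is not part of the original article. The function name `Test-RemoteGpPrereq`, the choice of TCP ports 135 and 445 as the required inbound traffic, and the use of ADMIN$ share access as a stand-in for local administrator rights are assumptions; `Test-NetConnection` needs Windows 8 / Server 2012 or newer.

```powershell
# Added example: checks each target for the two prerequisites before any
# remote policy refresh is attempted.
# Assumptions (not from the article): TCP 135 (RPC endpoint mapper) and
# TCP 445 (SMB) represent "the incoming traffic we want"; being able to read
# \\<computer>\ADMIN$ represents local administrator rights for the caller.

function Test-RemoteGpPrereq {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string[]]$ComputerName,

        [int[]]$Port = @(135, 445)
    )
    process {
        foreach ($computer in $ComputerName) {
            # Firewall prerequisite: which required ports refuse a connection?
            $blocked = @()
            foreach ($p in $Port) {
                $result = Test-NetConnection -ComputerName $computer -Port $p `
                              -WarningAction SilentlyContinue
                if (-not $result.TcpTestSucceeded) { $blocked += $p }
            }

            # Administrator prerequisite: only testable when SMB is reachable.
            # $null means "could not be determined", not "no".
            $isAdmin = $null
            if ($blocked -notcontains 445) {
                $isAdmin = Test-Path -LiteralPath "\\$computer\ADMIN`$"
            }

            [pscustomobject]@{
                ComputerName = $computer
                BlockedPorts = $blocked -join ','
                IsLocalAdmin = $isAdmin
                Ready        = ($blocked.Count -eq 0) -and ($isAdmin -eq $true)
            }
        }
    }
}

# Computer names taken from the scenario in Figure 1.
'Computer1', 'Computer2', 'Computer3' |
    Test-RemoteGpPrereq |
    Format-Table -AutoSize
```

A machine that reports `Ready = False` with blocked ports still needs the firewall policy to arrive through normal background processing before any forced refresh can reach it.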