组策略GPO不在客户端“看到”

我有一个新的OU(natorg.local \ NATO \ Users),我试图将GP应用到。 我在这个OU中创build了一个新用户,并将这个GPO连接到这个OU:

DESKTOP - Folder Redirection (AppData) DESKTOP - Folder Redirection (Desktop) DESKTOP - Folder Redirection (Documents) 

希望这些名字足以说明他们的确做了什么。 这些设置在用户设置下,因此不需要回送处理(如果我的理解是正确的)。

针对用户和特定计算机的GPbuild模表示将应用/应该应用GPO,但是在客户端上,gpresult甚至不会在“已应用”或“未应用”下看到GPO:

 USER SETTINGS -------------- CN=Amir,OU=Users,OU=NATO,DC=natorg,DC=local Last time Group Policy was applied: 25/06/2012 at 11:07:13 AM Group Policy was applied from: svr-addc-01.natorg.local Group Policy slow link threshold: 500 kbps Applied Group Policy Objects ----------------------------- LAPTOPS - Power Settings WSUS - Set Server Address OUTLOOK - Auto Archive SECURITY - Lock Screen After Idle Default Domain Policy DESKTOP - Regional Settings NETWORK - Proxy Configuration NETWORK - IE General Config OFFICE - Trusted Locations OFFICE - Increase Privacy OUTLOOK - Disable Junk Filter DESKTOP - Disable Windows Error Reporting DESKTOP - Hide Language Bar NETWORK - Disable Skype DESKTOP - Disable Thumbs.db Creation WSUS - Set Server Address The following GPOs were not applied because they were filtered out ------------------------------------------------------------------- Local Group Policy Filtering: Not Applied (Empty) NETWORK - Google Chrome Configuration Filtering: Not Applied (Empty) SYSTEM - Event Log Configuration Filtering: Not Applied (Empty) SECURITY - Local Administrator Password Filtering: Not Applied (Empty) NETWORK - Disable Windows Messenger Filtering: Not Applied (Empty) SECURITY - Audit Policy Filtering: Not Applied (Empty) WSUS - Automatic Install Filtering: Not Applied (Empty) NETWORK - Firewall Configuration Filtering: Not Applied (Empty) DESKTOP - Enable Offline Files Filtering: Not Applied (Empty) 

我没有改变GPO的权限,没有WMI过滤…正如我所说,GPbuild模说,他们应该被应用。 在客户端上的GPResult正确地标识自己是正确的OU(CN = Amir,OU = Users,OU = NATO,DC = natorg,DC = local)

有2个2008R2和2003个DC,域是2003级,客户机是Windows XP SP3。

任何人都可以提出为什么这些GP对象会对客户“隐形”吗?

好吧,我不假装理解这个,但问题是单独的GPO与用户设置(电源configuration文件)链接到计算机的OU与Loopback启用“replace”模式。

禁用特定的GPO允许新的GPO被客户“看到”。

检查以确保计算机不在阻止任何组策略的容器中。 我甚至会删除计算机对象并将设备读取到域。