Group Policy

To open Group Policy console run gpmc.msc

When checking Group policy issues:

Run “gpresult /h filename.html” in cmd promt to output all group policy objects applied to current user

Group Policy Settings

Loopback mode - you don’t need loopback to be enabled in every policy, just a single GPO at an OU for all User Settings set at an OU to apply to the Computer Objects

Find logon server / domain controller

When seeing errors in group policy you can check the server processing the computer/user login by using the following commands:

CMD:

set l

Powershell

$env:logonserver

Add Administrative Templates

To add admin templates to domain controllers you need to place the *.admx and .adml files in the “PolicyDefinitions” folder in sysvol. The location will be in the “\domain.com\SYSVOL\domain.com\policies\PolicyDefinations” folder on the domain controller. If the “PolicyDefinitions” folder does not exist create it, then create a folder inside for the language files (.adml) this is usually a “en-us” folder. place the *.admx files in the “PolicyDefinitions” folder then the *.adml files in the “en-us” folder.

If you are creating the new “PolicyDefinitions” folder in the sysvol, make sure to copy all the admin templates from the local policydefinitions folder into the sysvol folder.

Microsoft Edge Active Directory