Jump to content

How to force Windows to update group policy using local policies

Pikatchu
By Pikatchu
in Troubleshooting
 Share
Go to solution Solved by Pikatchu,
On 7/15/2024 at 1:48 PM, manikyath said:

 

 

On 7/16/2024 at 4:41 PM, Bletboy356 said:

 

 

Thanks for the answer you two, I will give some thoughts to creating a special folder in the AD for this kind of workstation.

 

The group policy that requires changing is directly linked to a software, most of our workstations do not have that software.

Posted

Hi All,

 

I have set a computer's group policy to the desired settings, but after a computer restart the policy still did not update its settings to registry.

So, I tried to use gpupdate /force; the issue with the command is that it kept trying to access our domain controller to grab the latest group policy.

 

It successfully grabs the domain's group policy and updated it, but I need it to grab Local group policy changes.

 

Is there a way to force a group policy update using local policy only? (The policy change is computer specific)

Full time technology enthusiast, part time IT.

Link to post
Share on other sites
Posted

if you set anything locally, and then gpupdate, you override everything you set locally with what's set in the domain controller.

 

you ideally dont want to do partial configuration locally on a machine, instead you either make a specific folder in active directory with settings for that machine, or you dont have it grab domain policies at all.

Link to post
Share on other sites
Posted

The point of group policy is to override any local settings to bring a computer inline with the domain settings. 

 

If you have access to the DC you can put an exception in, then it will pick up local settings. 

 

Personally though I would create a new gpo that sets the bits you want, it's just this computer now, but it gives you more options in the future to either add more computers or should replacing this box be necessary you just update which computer it applies to. 

 

 

Link to post
Share on other sites
Posted
  • Author
  • Solution
On 7/15/2024 at 1:48 PM, manikyath said:

 

 

On 7/16/2024 at 4:41 PM, Bletboy356 said:

 

 

Thanks for the answer you two, I will give some thoughts to creating a special folder in the AD for this kind of workstation.

 

The group policy that requires changing is directly linked to a software, most of our workstations do not have that software.

Full time technology enthusiast, part time IT.

Link to post
Share on other sites
Posted

The easiest solution is copy the existing gpo, make the changes you need and use security filters to apply it to a group containing the pc you need. If you get the order correct it should override your normal policy, but you can use the security settings to explicit deny apply policy if your struggling.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Troubleshooting

×