Printable View
We are using a single forest, single tree, dual domain structure (root domain and resource). I want to apply a group policy object to a website and use the group policy management console and whildst I am able to make the link, if I am running the modelling tool, then it returns blocked SOM/ The link location is root_domain/configuration/sites/SITE. Does anyone got a proper solution for this issue?
Please see if there is the inheritance blocked in the OU where the User/computer is located.
I think that the GPO RestrictDesktop might not be applied to your machine. So ensure that the group policy settings in your computer configuration of GPO is linked to OU which has computer object and the group policy settings in the user configuration of GPO which is linked to OU that has user object. Incase the settings are both in the machine and the user configuration then the GPO must be linked to top domain level. Check the article made on "Controlling the Scope of Group Policy Objects using GPMC" from below link:
http://technet.microsoft.com/en-us/l...68(WS.10).aspx
Can you tell us whether the GPO link is set to enforce (no override)? If yes then the IT OU should not be blocked. Follow the article on "Managing inheritance of Group Policy" from here - http://technet.microsoft.com/en-us/l...x#BKMK_enforce. Also try to collect the output of GPResult /v and copy and paste it here so that I can take a look at it.