Client loses all user GPOs sporadically

David Trevor 296 Reputation points
2022-10-20T11:18:50.44+00:00

When logging in today, all of our user GPOs did not apply on my machine.

Checking the event viewer in the GroupPolicy log, for every client side extension I see entries like the following:
Starting Group Policy Internet Settings Extension Processing.
List of applicable Group Policy objects: (Changes were detected.)
None

System log:
The Group Policy settings for the user were processed successfully. New settings from 0 Group Policy objects were detected and applied.

Both log sources indicate that all user GPOs vanished from the client. gpresult shows for the user details under "Organizational Unit" that I am in OU Disable-GPO where inheritance is blocked and no GPO applies. However this is not where my user actually is located.

252463-greenshot000372.png

Also what is the meaning behind the OU Test-GPO that is listed under Block Inheritance?

When this happened I also see this entry in the log. Aren't GPOs applied asynchronously usually?
The Group Policy processing mode is Foreground synchronous.

When I manually run a gpupdate /force everything goes back to normal. Nothing else was changed, indicating that it should have worked the whole time.

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,943 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Limitless Technology 44,056 Reputation points
    2022-10-24T08:18:01.467+00:00

    Hello there,

    The most common issue seen with Group Policy is a setting not being applied. The first place to check is the Scope Tab on the Group Policy Object (GPO). If you are configuring a computer-side setting, make sure the GPO is linked to the Organization Unit (OU) that contains the computer. If the GPO configures a user side setting, it needs to be linked to the OU containing the correct user.

    You can use the GPResult command with /scope: user or /scope: computer option to display the applied group policy settings on the user or computer. You can also view the applied group policy settings of the specific user.

    10 Common Problems Causing Group Policy To Not Apply

    https://social.technet.microsoft.com/wiki/contents/articles/22457.10-common-problems-causing-group-policy-to-not-apply.aspx

    ----------------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–


  2. David Trevor 296 Reputation points
    2022-10-26T12:31:40.83+00:00

    Anything else I can try or is this just a weird client bug?

    0 comments No comments

  3. David Trevor 296 Reputation points
    2023-06-15T09:06:53.1633333+00:00

    I have not had this problem in a long time and I believe it was fixed by clearing the GPO cache from my machine.

    Computer Policies

    %windir%\System32\GroupPolicy\DataStore
    

    User Policies

    %localappdata%\GroupPolicy\DataStore
    

    Group Policy Container (GPC) related information (i.e. stores last known OU location of users)

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\DataStore
    
    0 comments No comments