This is the current gpresult /z results, is there anything that could be causing it:
Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
© 2013 Microsoft Corporation. All rights reserved.
Created on 11/5/2020 at 7:37:45 PM
RSOP data for DOMAIN\firstname.lastname on DC1 : Logging Mode
-------------------------------------------------------
OS Configuration: Primary Domain Controller
OS Version: 6.3.9600
Site Name: City
Roaming Profile: N/A
Local Profile: C:\Users\firstname.lastname
Connected over a slow link?: No
COMPUTER SETTINGS
------------------
CN=DC1,OU=Domain Controllers,DC=domain,DC=local
Last time Group Policy was applied: 11/5/2020 at 7:33:05 PM
Group Policy was applied from: DC1.domain.local
Group Policy slow link threshold: 500 kbps
Domain Name: DOMAIN
Domain Type: Windows 2008 or later
Applied Group Policy Objects
-----------------------------
Default Domain Controllers Policy
Default Domain Policy
ADAuditPlusMSPolicy
Manage Engine
The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
ADAuditPlusPolicy
Filtering: Denied (Security)
Allow Remote Management
Filtering: Denied (Security)
Local Group Policy
Filtering: Not Applied (Empty)
The computer is a part of the following security groups
-------------------------------------------------------
BUILTIN\Administrators
Everyone
BUILTIN\Pre-Windows 2000 Compatible Access
BUILTIN\Users
Windows Authorization Access Group
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
This Organization
DC1$
Domain Controllers
DnsUpdateProxy
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS
Authentication authority asserted identity
Denied RODC Password Replication Group
RAS and IAS Servers
ADAuditPlusMS
System Mandatory Level
Resultant Set Of Policies for Computer
---------------------------------------
Software Installations
----------------------
N/A
Startup Scripts
---------------
N/A
Shutdown Scripts
----------------
N/A
Account Policies
----------------
GPO: Default Domain Policy
Policy: MaxRenewAge
Computer Setting: 7
GPO: Default Domain Policy
Policy: LockoutDuration
Computer Setting: 15
GPO: Default Domain Policy
Policy: MaximumPasswordAge
Computer Setting: 365
GPO: Default Domain Policy
Policy: MinimumPasswordAge
Computer Setting: N/A
GPO: Default Domain Policy
Policy: ResetLockoutCount
Computer Setting: 15
GPO: Default Domain Policy
Policy: MaxServiceAge
Computer Setting: 600
GPO: Default Domain Policy
Policy: LockoutBadCount
Computer Setting: 10
GPO: Default Domain Policy
Policy: MaxClockSkew
Computer Setting: 5
GPO: Default Domain Policy
Policy: MaxTicketAge
Computer Setting: 10
GPO: Default Domain Policy
Policy: PasswordHistorySize
Computer Setting: 5
GPO: Default Domain Policy
Policy: MinimumPasswordLength
Computer Setting: 10
Audit Policy
------------
GPO: Default Domain Controllers Policy
Policy: AuditPolicyChange
Computer Setting: Success
GPO: Default Domain Controllers Policy
Policy: AuditAccountManage
Computer Setting: Success, Failure
GPO: Default Domain Controllers Policy
Policy: AuditObjectAccess
Computer Setting: Success
GPO: Default Domain Controllers Policy
Policy: AuditDSAccess
Computer Setting: Success
GPO: Default Domain Controllers Policy
Policy: AuditPrivilegeUse
Computer Setting: No Auditing
GPO: Default Domain Controllers Policy
Policy: AuditProcessTracking
Computer Setting: Success
GPO: Default Domain Controllers Policy
Policy: AuditAccountLogon
Computer Setting: Success, Failure
GPO: Default Domain Controllers Policy
Policy: AuditLogonEvents
Computer Setting: Success, Failure
GPO: Default Domain Controllers Policy
Policy: AuditSystemEvents
Computer Setting: Success
User Rights
-----------
GPO: Default Domain Controllers Policy
Policy: SyncAgentPrivilege
Computer Setting: N/A
GPO: Default Domain Controllers Policy
Policy: MachineAccountPrivilege
Computer Setting: Authenticated Users
GPO: Default Domain Controllers Policy
Policy: ChangeNotifyPrivilege
Computer Setting: *S-1-5-80-1670033946-1058562292-2418231921-1479535664-4274663199
Pre-Windows 2000 Compatible Access
Authenticated Users
Administrators
Everyone
DOMAIN\QBDataServiceUser19
*S-1-5-80-797827364-3451187129-808634983-2979512460-2324440249
GPO: Default Domain Controllers Policy
Policy: IncreaseBasePriorityPrivilege
Computer Setting: Administrators
GPO: Default Domain Controllers Policy
Policy: CreateTokenPrivilege
Computer Setting: N/A
GPO: Manage Engine
Policy: SecurityPrivilege
Computer Setting: DOMAIN\manage.engine
GPO: Default Domain Controllers Policy
Policy: TakeOwnershipPrivilege
Computer Setting: Administrators
GPO: Default Domain Controllers Policy
Policy: DenyInteractiveLogonRight
Computer Setting: DOMAIN\QBDataServiceUser19
GPO: Default Domain Controllers Policy
Policy: RestorePrivilege
Computer Setting: Server Operators
Backup Operators
Administrators
GPO: Default Domain Controllers Policy
Policy: DebugPrivilege
Computer Setting: Administrators
GPO: Default Domain Controllers Policy
Policy: SystemTimePrivilege
Computer Setting: Server Operators
Administrators
LOCAL SERVICE
GPO: Default Domain Controllers Policy
Policy: SecurityPrivilege
Computer Setting: DOMAIN\Exchange Servers
Administrators
GPO: Default Domain Controllers Policy
Policy: ShutdownPrivilege
Computer Setting: Print Operators
Server Operators
Backup Operators
Administrators
GPO: Default Domain Controllers Policy
Policy: AuditPrivilege
Computer Setting: NETWORK SERVICE
LOCAL SERVICE
IIS APPPOOL\DefaultAppPool
GPO: Default Domain Controllers Policy
Policy: InteractiveLogonRight
Computer Setting: Print Operators
Server Operators
Account Operators
Backup Operators
Administrators
DOMAIN\IUSR_EXCH
GPO: Default Domain Controllers Policy
Policy: CreatePagefilePrivilege
Computer Setting: Administrators
GPO: Default Domain Controllers Policy
Policy: BatchLogonRight
Computer Setting: IIS_IUSRS
DOMAIN\Administrator
DOMAIN\IIS_WPG
DOMAIN\IUSR_EXCH
DOMAIN\IWAM_EXCH
LOCAL SERVICE
GPO: Default Domain Controllers Policy
Policy: LockMemoryPrivilege
Computer Setting: N/A
GPO: Default Domain Controllers Policy
Policy: NetworkLogonRight
Computer Setting: DOMAIN\IWAM_EXCH
Pre-Windows 2000 Compatible Access
ENTERPRISE DOMAIN CONTROLLERS
Authenticated Users
Administrators
Everyone
DOMAIN\IUSR_EXCH
DOMAIN\QBDataServiceUser19
GPO: Default Domain Controllers Policy
Policy: CreatePermanentPrivilege
Computer Setting: N/A
GPO: Default Domain Controllers Policy
Policy: SystemProfilePrivilege
Computer Setting: Administrators
GPO: Default Domain Controllers Policy
Policy: TcbPrivilege
Computer Setting: N/A
GPO: Default Domain Controllers Policy
Policy: ServiceLogonRight
Computer Setting: DOMAIN\backup.service
*S-1-5-80-2567096502-4068731684-1555260761-2520130083-3392037366
*S-1-5-80-1670033946-1058562292-2418231921-1479535664-4274663199
DOMAIN\SQLServer2005SQLBrowserUser$DC2
DOMAIN\firstname.lastname
NETWORK SERVICE
DOMAIN\QBDataServiceUser19
IIS APPPOOL\DefaultAppPool
SYSTEM
*S-1-5-80-797827364-3451187129-808634983-2979512460-2324440249
DOMAIN\Administrator
DOMAIN\SQLServer2005SQLBrowserUser$DC3
GPO: Default Domain Controllers Policy
Policy: RemoteShutdownPrivilege
Computer Setting: Server Operators
Administrators
GPO: Default Domain Controllers Policy
Policy: BackupPrivilege
Computer Setting: Server Operators
Backup Operators
Administrators
GPO: Default Domain Controllers Policy
Policy: EnableDelegationPrivilege
Computer Setting: Administrators
GPO: Default Domain Controllers Policy
Policy: UndockPrivilege
Computer Setting: Administrators
GPO: Default Domain Controllers Policy
Policy: SystemEnvironmentPrivilege
Computer Setting: Administrators
GPO: Default Domain Controllers Policy
Policy: DenyServiceLogonRight
Computer Setting: N/A
GPO: Default Domain Controllers Policy
Policy: LoadDriverPrivilege
Computer Setting: Print Operators
Administrators
GPO: Default Domain Controllers Policy
Policy: IncreaseQuotaPrivilege
Computer Setting: *S-1-5-80-1670033946-1058562292-2418231921-1479535664-4274663199
Administrators
NETWORK SERVICE
LOCAL SERVICE
DOMAIN\IWAM_EXCH
IIS APPPOOL\DefaultAppPool
*S-1-5-80-797827364-3451187129-808634983-2979512460-2324440249
GPO: Default Domain Controllers Policy
Policy: ProfileSingleProcessPrivilege
Computer Setting: Administrators
GPO: Default Domain Controllers Policy
Policy: AssignPrimaryTokenPrivilege
Computer Setting: *S-1-5-80-1670033946-1058562292-2418231921-1479535664-4274663199
NETWORK SERVICE
LOCAL SERVICE
DOMAIN\IWAM_EXCH
IIS APPPOOL\DefaultAppPool
*S-1-5-80-797827364-3451187129-808634983-2979512460-2324440249
Security Options
----------------
GPO: Default Domain Policy
Policy: PasswordComplexity
Computer Setting: Enabled
GPO: Default Domain Policy
Policy: ClearTextPassword
Computer Setting: Not Enabled
GPO: Default Domain Policy
Policy: ForceLogoffWhenHourExpire
Computer Setting: Not Enabled
GPO: Default Domain Policy
Policy: RequireLogonToChangePassword
Computer Setting: Not Enabled
GPO: Default Domain Policy
Policy: TicketValidateClient
Computer Setting: Enabled
GPO: Default Domain Controllers Policy
Policy: @wsecedit.dll,-59059
ValueName: MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel
Computer Setting: 2
GPO: Default Domain Controllers Policy
Policy: @wsecedit.dll,-59013
ValueName: MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\LDAPServerIntegrity
Computer Setting: 1
GPO: ADAuditPlusMSPolicy
Policy: @wsecedit.dll,-59104
ValueName: MACHINE\System\CurrentControlSet\Control\Lsa\SCENoApplyLegacyAuditPolicy
Computer Setting: 1
GPO: Default Domain Controllers Policy
Policy: @wsecedit.dll,-59043
ValueName: MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature
Computer Setting: 1
GPO: Default Domain Controllers Policy
Policy: @wsecedit.dll,-59044
ValueName: MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature
Computer Setting: 1
GPO: Default Domain Controllers Policy
Policy: @wsecedit.dll,-59104
ValueName: MACHINE\System\CurrentControlSet\Control\Lsa\SCENoApplyLegacyAuditPolicy
Computer Setting: 1
GPO: Default Domain Controllers Policy
Policy: @wsecedit.dll,-59018
ValueName: MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal
Computer Setting: 1
N/A
Event Log Settings
------------------
N/A
Restricted Groups
-----------------
N/A
System Services
---------------
N/A
Registry Settings
-----------------
N/A
File System Settings
--------------------
N/A
Public Key Policies
-------------------
N/A
Administrative Templates
------------------------
GPO: Default Domain Controllers Policy
Folder Id: Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallTime
Value: 5, 0, 0, 0
State: Enabled
GPO: Default Domain Policy
Folder Id: Software\Policies\Microsoft\Windows NT\Terminal Services\RAUnsolicit\domain\firstname.lastname
Value: 100, 0, 101, 0, 106, 0, 101, 0, 114, 0, 111, 0, 92, 0, 110, 0, 105, 0, 99, 0, 107, 0, 46, 0, 110, 0, 103, 0, 104, 0, 105, 0, 101, 0, 109, 0, 0, 0
State: Enabled
GPO: Default Domain Controllers Policy
Folder Id: Software\Policies\Microsoft\Windows\WindowsUpdate\AU\AutomaticMaintenanceEnabled
Value: 1, 0, 0, 0
State: Enabled
GPO: Default Domain Policy
Folder Id: Software\Policies\Microsoft\Windows NT\Terminal Services\fAllowUnsolicitedFullControl
Value: 1, 0, 0, 0
State: Enabled
GPO: Default Domain Controllers Policy
Folder Id: Software\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoUpdate
Value: 0, 0, 0, 0
State: Enabled
GPO: Default Domain Controllers Policy
Folder Id: Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallDay
Value: 1, 0, 0, 0
State: Enabled
GPO: Default Domain Controllers Policy
Folder Id: Software\Policies\Microsoft\Windows\WindowsUpdate\AU\AUOptions
Value: 4, 0, 0, 0
State: Enabled
GPO: Default Domain Policy
Folder Id: Software\Policies\Microsoft\Windows NT\Terminal Services\fAllowUnsolicited
Value: 1, 0, 0, 0
State: Enabled
GPO: Default Domain Controllers Policy
Folder Id: Software\Policies\Microsoft\Windows\EventLog\Security\AutoBackupLogFiles
Value: 49, 0, 0, 0
State: Enabled
USER SETTINGS
--------------
CN=Firstname Lastname,OU=IT Admins,OU=Domain Users,DC=domain,DC=local
Last time Group Policy was applied: 11/5/2020 at 7:17:08 PM
Group Policy was applied from: DC1.domain.local
Group Policy slow link threshold: 500 kbps
Domain Name: DOMAIN
Domain Type: Windows 2008 or later
Applied Group Policy Objects
-----------------------------
Redirected Folders - Domain-Users
Drive Mapping
Printers
Default Domain Policy
The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
Production Printer
Filtering: Denied (Security)
Local Group Policy
Filtering: Not Applied (Empty)
Printers - Finance
Filtering: Denied (Security)
The user is a part of the following security groups
---------------------------------------------------
Domain Users
Everyone
Event Log Readers
Performance Monitor Users
BUILTIN\Users
BUILTIN\Pre-Windows 2000 Compatible Access
BUILTIN\Administrators
REMOTE INTERACTIVE LOGON
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
Domain Admins
Quality
FolderRedirectDeny
Software
Enterprise Admins
Authentication authority asserted identity
Denied RODC Password Replication Group
NetworkAdmins
High Mandatory Level
The user has the following security privileges
----------------------------------------------
Bypass traverse checking
Increase a process working set
Manage auditing and security log
Back up files and directories
Restore files and directories
Change the system time
Shut down the system
Force shutdown from a remote system
Take ownership of files or other objects
Debug programs
Modify firmware environment values
Profile system performance
Profile single process
Increase scheduling priority
Load and unload device drivers
Create a pagefile
Adjust memory quotas for a process
Remove computer from docking station
Perform volume maintenance tasks
Impersonate a client after authentication
Create global objects
Change the time zone
Create symbolic links
Enable computer and user accounts to be trusted for delegation
Add workstations to domain
Resultant Set Of Policies for User
-----------------------------------
Software Installations
----------------------
N/A
Logon Scripts
-------------
N/A
Logoff Scripts
--------------
N/A
Public Key Policies
-------------------
N/A
Administrative Templates
------------------------
GPO: Redirected Folders - Domain-Users
Folder Id: Software\Policies\Microsoft\Windows\NetCache\SyncAtLogoff
Value: 1, 0, 0, 0
State: Enabled
GPO: Redirected Folders - Domain-Users
Folder Id: Software\Policies\Microsoft\Windows\System\Fdeploy\FolderRedirectionEnableCacheRename
Value: 1, 0, 0, 0
State: Enabled
GPO: Intelsat
Folder Id: Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ListBox_Support_ZoneMapKey
Value: 1, 0, 0, 0
State: Enabled
GPO: Redirected Folders - Domain-Users
Folder Id: Software\Policies\Microsoft\Windows\NetCache\SyncAtLogon
Value: 1, 0, 0, 0
State: Enabled
Folder Redirection
------------------
GPO: Redirected Folders - Domain-Users
Folder Id: Documents
Primary Computer Evaluation: Not evaluated because primary computer policy is not enabled
InstallationType: basic
Grant Type: Not Exclusive Rights
Move Type: Contents of Local Directory moved
Policy Removal: Redirect the folder back to user profile location
Redirecting Group: N/A
Redirected Path: \\Domain-Files\Domain-Users$\%USERNAME%\Documents
Configuration Control: Group Policy
GPO: Redirected Folders - Domain-Users
Folder Id: Favorites
Primary Computer Evaluation: Not evaluated because primary computer policy is not enabled
InstallationType: basic
Grant Type: Not Exclusive Rights
Move Type: Contents of Local Directory moved
Policy Removal: Redirect the folder back to user profile location
Redirecting Group: N/A
Redirected Path: \\Domain-Files\Domain-Users$\%USERNAME%\Favorites
Configuration Control: Group Policy
GPO: Redirected Folders - Domain-Users
Folder Id: Desktop
Primary Computer Evaluation: Not evaluated because primary computer policy is not enabled
InstallationType: basic
Grant Type: Not Exclusive Rights
Move Type: Contents of Local Directory moved
Policy Removal: Redirect the folder back to user profile location
Redirecting Group: N/A
Redirected Path: \\Domain-Files\Domain-Users$\%USERNAME%\Desktop
Configuration Control: Group Policy
Internet Explorer Browser User Interface
----------------------------------------
N/A
Internet Explorer Connection
----------------------------
N/A
Internet Explorer URLs
----------------------
N/A
Internet Explorer Security
--------------------------
N/A
Internet Explorer Programs
--------------------------
N/A