Folder redirection GPO won't apply after installation of Win 10 Pro 21H1

Tim Toles 96 Reputation points
2021-06-15T16:36:11.173+00:00

Hi there,

I have a customer with a 2012 server; simple environment 1 DC, 10 Windows 10 Pro clients. One machine refused to do an upgrade from W7 to W10, so I did a clean install, which out up ver. 21H1. I have a server GPO for folder redirection, for one security group. This user is in that security group. Worked well when the machine was Win 7, works for every other W10 machine in the building, and for all the users in the security group. It refuses to apply on this one machine. When I run "gpresult /r", only the default domain controller GPO is applied. Gpupdate /force runs with no errors, but it doesn't help anything. On the server side, nothing has changed from the users' perspective.

I have seen posts about setting registry values for hardened UNC paths \*\NETLOGON and \*\SYSVOL, but that doesn't help.

On the server side, nothing has changed with regard to the user account.

I don't get this.

Please help ;-)

Tim

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,299 questions
Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,579 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Fan Fan 15,326 Reputation points Microsoft Vendor
    2021-06-16T02:23:29.54+00:00

    Hi,

    Based on my understanding, all the computer GPOs and user GPOs don't apply on this specific computer (after installation of Win 10 Pro 21H1), right?
    If i misunderstand you, please feel free to let me know.

    Did you check the security filter, was the computer has the read permission on the folder redirection GPO?
    Are there any errors when you run gpresult /h report.html.

    You may try to run the following PowerShell command and check the result:
    Test-ComputerSecureChannel
    Test-ComputerSecureChannel -Server "DCName.domain.com"
    If the command fails, run command:
    Test-ComputerSecureChannel -Repair

    https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/test-computersecurechannel?view=powershell-5.1

    And then check if it repairs the issue.
    If not, it will be a quick way to remove and join it to the domain again.

    Best Regards,


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.