Duplicate Group Policies reporting on a multitude of machines

OctoBen 101 Reputation points
2021-08-18T10:48:11.703+00:00

Hi,

We've run into a problem where a number of Group Policies are applying more than once when running gpresult on a multitude of machines.
Group policies that shouldn't be applying (due to blocked inheritance) are also applying to an account in a test OU.

We were basically trying to test a copy of the Default Domain Policy with different settings applied to a test account in a test OU; however, we noticed that the original Default Domain Policy, and other GPOs, are still applying to the account even though they're not enforced. I've checked and loopback processing is not enabled.

This isn't the case for all machines; some are reporting applied GPOs correctly, but some have this issue.

I've attempted to clear GPO cache off the machine, tried reprofiling the user and even re-joined the machine to the domain, but the issue still persists.
We've checked for sysvol replication errors, but everything looks good.

Does anyone have any ideas what I could do to troubleshoot this further?


Accepted answer
  1. OctoBen 101 Reputation points
    2021-08-23T09:45:36.877+00:00

    The issue was resolved with Microsoft support.

    Loopback processing on Domain Computers was the culprit - apparently, if even one GPO in a particular OU has loopback processing enabled, all other GPOs in the OU will be affected as well. This also affects inherited group policies.

    We solved this by getting rid of loopback processing as it's made our domain level GPOs such as Default Domain Policy duplicate and apply to users on OUs that shouldn't.

    1 person found this answer helpful.
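
The check that would have located the culprit here, as an added example that is not part of the original thread or of Microsoft's guidance: it lists every GPO in the domain that configures user Group Policy loopback processing and where that GPO is linked. It assumes the GroupPolicy module (RSAT) is installed and that the account running it can read all GPOs; the variable names are illustrative.

```powershell
# Added example: find GPOs that enable loopback processing and show their links.
Import-Module GroupPolicy

# Loopback processing is stored as a computer-side policy value in the GPO:
#   UserPolicyMode = 1 (Merge) or 2 (Replace)
$key   = 'HKLM\Software\Policies\Microsoft\Windows\System'
$value = 'UserPolicyMode'
$modes = @{ 1 = 'Merge'; 2 = 'Replace' }

$findings = foreach ($gpo in Get-GPO -All) {
    # Get-GPRegistryValue raises an error when the value is not configured in this GPO
    $reg = Get-GPRegistryValue -Guid $gpo.Id -Key $key -ValueName $value -ErrorAction SilentlyContinue
    if (-not $reg -or -not $modes.ContainsKey([int]$reg.Value)) { continue }

    # The XML report carries one <LinksTo> element per site, domain or OU link
    [xml]$report = Get-GPOReport -Guid $gpo.Id -ReportType Xml
    $links = @($report.GPO.LinksTo | Where-Object { $_ })

    if ($links.Count -eq 0) {
        # Loopback is configured, but the GPO is not linked anywhere
        [pscustomobject]@{
            Gpo = $gpo.DisplayName; Mode = $modes[[int]$reg.Value]
            GpoStatus = $gpo.GpoStatus; LinkedTo = '(not linked)'
            LinkEnabled = $null; Enforced = $null
        }
        continue
    }

    foreach ($link in $links) {
        [pscustomobject]@{
            Gpo         = $gpo.DisplayName
            Mode        = $modes[[int]$reg.Value]
            GpoStatus   = $gpo.GpoStatus      # computer settings must be enabled for loopback to apply
            LinkedTo    = $link.SOMPath
            LinkEnabled = $link.Enabled
            Enforced    = $link.NoOverride
        }
    }
}

$findings | Sort-Object LinkedTo, Gpo | Format-Table -AutoSize
```

Any row whose `LinkedTo` is the domain root or an OU containing the affected computers is a candidate for the behaviour described in the accepted answer.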
