I'm delivering DEM at the moment and due the nature of the customers enterprise, we are using loopback processing (merge) to deliver the DEM user policies on specific pools of VDI machines. The GPO t...
See more...
I'm delivering DEM at the moment and due the nature of the customers enterprise, we are using loopback processing (merge) to deliver the DEM user policies on specific pools of VDI machines. The GPO that contains all the DEM user policies + the loopback processing setting also has a WMI filter attached to it to target the pool child machines + the master image hostnames. I've done several deployments where I've created brand new pools (i.e. new computer AD objects being generated + new , empty OU with no other GPO's assigned, and just my DEM+loopback policy linked) - and it's worked a charm. I always ensure the master image is in the same OU as child vm's. However, I'm really stuck at the moment with one deployment where the machine is marked as 'True' by the WMI filter, but the policy is simply not applying. I've checked auth users is a member, the policy has state 'Enabled' (i.e. user and computer settings are enabled) and there's no weird delegation/scoping going on. GPresult shows the child vm's are valid for the WMI filter, and I can see the policy being read in the output of gpresult - however, none oft he settings are applying? I can see the forecast of all the other settings and their respective winning policy, but no sign of my uem ones? I then join the master image onto the domain and sign in with a domain account - and it works a charm? So why are the child VM's not working when I push the snap to a pool? I do remove the master from the domain and join to workgroup before takign a snap, but surely this should not yield the results i'm getting (have done this on other , working, pools). Is it likely that because I've 'reused' the computer objects on earlier 'different' images, somehoe the policy is not recognised?