Re: [ActiveDir] Problem with IE security Policies GP

[support]

Hi Sudhir,   Use of a mandatory profile should not matter. I presume you have checked things like other policies at a higher priority and checked that loopback processing, Policy Overrides etc is not confusing the issue. Also check the Event log to see if there are any errors processing policies.   In such cases I always enable detailed logging and then check out the UseEnv log in %System%\Debug\UserMode\UserEnv.log. This should show you exactly what policies are being applied etc.   To help interpret this log we offer a small utility for free. Try it and see if you can see what is happening. If you are running XP it also gives a report on what policies have applied for each user logging on to the machine.  Alternatively, email me the log with a bit of Info and I will see if I can help you. Note: The program makes it easy to enable full logging. http://www.sysprosoft.com/index.php?ref=activedir&f=policyreporter.shtml        Alan Cuthbertson  Policy Management Software:- http://www.sysprosoft.com/index.php?ref=activedir&f=pol_summary.shtml ADM Template Editor:- http://www.sysprosoft.com/index.php?ref=activedir&f=adm_summary.shtml ----- Original Message ----- From: Sudhir Kaushal To: ActiveDir@mail.activedir.org Sent: Thursday, December 29, 2005 1:13 AM Subject: [ActiveDir] Problem with IE security Policies GP Hi, My users connect through ICA session to couple of Citrix desktop servers ( all windows 2000 ). The profiles they are using are mandatory. In those profiles the IE security settings for Internet Zones\Navigate subframes across different domain are set to "Prompt". I want this settings to be changed from "Prompt" to "Enable". My DC's are 2003. I edited the GP associated with the effected users OU and configured this particular settings and set it to "enable", However the users are still getting the older IE settings. I dont know where i am going wrong.. Any help would be appreciated. Regards, Sudhir   -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------