155 questions
155 questions with Windows for business | Windows Server | Directory services | Deploy group policy objects tags
0 answers
When running a Powershell script via GPO to enable Bitlocker. "A required privilege is not held by the client. (Exception from HRESULT: 0x80070522)"
We're moving towards using BitLocker for FDE to all of our users. Just got everything in GPO created, startup PowerShell script attached, and everything started moving fine in the initial testing of a few machines. Once I started to open that testing to…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-08-29T15:28:01.6966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 72%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKD%3C/text%3E%3C/svg%3E)
Korazu DyShin
0
Reputation points
asked 2025-08-29T15:28:01.6966667+00:00
Korazu DyShin
0
Reputation points
1 answer
How to fix Error 0x800706ba (RPC) on the client side?
Hi Microsoft Community, Good day! As part of our security, we tried to Enable the "Restrict Unauthenticated RPC clients" (Computer Configuration > Administrative template > System > Remote Procedure Call) and set it to…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-08-28T03:57:50.41+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 33%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJD%3C/text%3E%3C/svg%3E)
Joshua D. Engracia
0
Reputation points
commented 2025-08-29T01:30:55.24+00:00
Joshua D. Engracia
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Windows Hello for Business – Biometric requires PIN after success (Hybrid + Intune)
We are deploying Windows Hello for Business (WHfB) in a hybrid Azure AD joined environment, managed via Intune Account Protection policies. Our requirement is: fingerprint/face should unlock the device directly, and PIN should only be required if…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-08-25T08:20:08.2233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 28.999999999999996%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESA%3C/text%3E%3C/svg%3E)
Sachin Ameta
25
Reputation points
commented 2025-08-25T15:41:36.8766667+00:00
Sachin Ameta
25
Reputation points
1 answer
One of the answers was accepted by the question author.
Issue with Domain and Client with Domain account
Hi, I have created some GPOs and deployed it to some client machines. The GPO does not applied on some machines. I did do the following PS and see why: Test-ComputerSecureChannel -Server "DCName.domain.com" result :…
Windows for business | Windows Server | Directory services | Deploy group policy objects
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 90%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
1 answer
How to make Group Policy User Config Registry settings apply to RDS Remote Apps?
Windows Server 2019, Remote Desktop Services I am trying to disable Sticky Keys for users of a Remote App. I have created a Group Policy Object which updates three registry keys under the path HKEY_CURRENT_USER/Control Panel/Accessibility I have…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-08-22T15:24:48.1066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 28.000000000000004%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJH%3C/text%3E%3C/svg%3E)
James Hamilton
0
Reputation points
answered 2025-08-22T16:14:12.3266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 33%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDV%3C/text%3E%3C/svg%3E)
Domic Vo
1,015
Reputation points
Independent Advisor
1 answer
Disable Cached Exchange Mode on Terminal Server
I am unable to find the administrative templates to disabled Cached Exchange Mode on a WS2025 TS I am deploying. Are these baked into some other area or is this no longer possible? When I go searching for the templates I reach a 404 page from this URL:…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-08-07T22:04:36.8633333+00:00
Craig B
0
Reputation points
answered 2025-08-19T11:11:18.8033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 90%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EQQ%3C/text%3E%3C/svg%3E)
Quinnie Quoc
1,545
Reputation points
Independent Advisor
1 answer
How to determine true Enabled/Disabled state of local policies (as shown in gpedit.msc)
Hello, I’m working on a local (non-domain) Windows 10-IOT machine and trying to programmatically determine whether specific local group policies are actually enabled or disabled — exactly as they appear in gpedit.msc. I’ve tried reading the corresponding…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-06-15T09:35:33.7166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 12%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOY%3C/text%3E%3C/svg%3E)
Omer Yanay
0
Reputation points
answered 2025-08-08T11:15:49.5366667+00:00
Domic Vo
1,015
Reputation points
Independent Advisor
1 answer
Issue Applying the GPO to ONLY Computer group
Good afternoon, I am trying to deploy a group policy that will apply a background image to only a specific group of computers. Insights: My company has on-prem servers and Azure hosted servers that are domain joined. The users (about 90) they log in to…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-08-05T16:33:46.4366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 50%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESO%3C/text%3E%3C/svg%3E)
Simone Oddi
0
Reputation points
answered 2025-08-06T02:04:00.1133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 68%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Geoff McKenzie
950
Reputation points
1 answer
Group Policy processing failed: Unable to apply Folders, Files, Services, Registry settings
I'm encountering multiple Group Policy application issues when running a policy update on a domain-joined computer. The output message shows that computer policy updated successfully, but with warnings and errors in applying specific settings. Here is…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-07-31T05:20:23.2566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 91%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENP%3C/text%3E%3C/svg%3E)
Nyamsuren Purevsuren
0
Reputation points
answered 2025-07-31T05:22:40.54+00:00
Nyamsuren Purevsuren
0
Reputation points
1 answer
How to create a GPO for Powershell block in computer objects and add exception to a specific security group? I have tried through software restriction policy ( adding path rule)and Applocker ( adding executable rule ), but not working .
How to create a GPO for Powershell block in computer objects and add exception to a specific security group? I have tried through software restriction policy ( adding path rule)and Applocker ( adding executable rule ), but not working .
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-07-03T12:56:20.5233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 82%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Adarsh Mohan
0
Reputation points
answered 2025-07-22T16:36:11.4433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 81%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECT%3C/text%3E%3C/svg%3E)
Chen Tran
1,805
Reputation points
Independent Advisor
2 answers
User's Part of GPO not applied to Computer altough loopback GPO processing is configured
Environment is with two forests and one-way trust. Goal is to apply some user's settings for users from "domain A" loging in computers in "Domain B". In "Domain B" GPO with "loopback processing configured" (GPO#1)…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-03-22T08:01:29.5933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 60%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHB%3C/text%3E%3C/svg%3E)
Haris Brkanic
1
Reputation point
answered 2025-03-24T06:32:29.96+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
1 answer
Locking myself out of my gaming pc
3 years ago, my micosoft account got hacked and, I got worried so I accidentally locked my gaming pc tower, I did some research and I found out that I was hacked by an mfa account so I wasn't able to log back into my Microsoft account, then a few days…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-03-08T21:20:17.1366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 88%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESA%3C/text%3E%3C/svg%3E)
sean Affleck
0
Reputation points
answered 2025-03-10T01:31:46.04+00:00
Anonymous
5 answers
Need to Remove Delete option for the Domain User's from File Server where the folder is already shared
Need to Remove Delete option for the Domain User's from File Server where the folder is already shared and user's are having Full rights for the folder. Tried to Edi the Permission and uncheck the delete option but it doesn't work. Tried to apply a group…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-02-26T08:28:00+00:00
Anonymous
answered 2025-02-27T05:55:43+00:00
Anonymous
10 answers
Group Policy Loopback Not Blocking Site-Based User Policy
I've got a loopback policy (Configure user Group Policy loopback processing mode = replace) targeted at an OU containing a terminal server (Windows 2022). This prevents any user policies targeted at the User OU from being applied when the user logs in…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-02-14T01:52:53+00:00
Anonymous
answered 2025-02-20T11:44:56+00:00
Anonymous
10 answers
Create A GPO to disable USB Storage Devices
Create A GPO to disable USB Storage Devices. Hi All, newly setup environment. ON prem AD syncing to AAD I need block access to all USB Removable storage devices but allow some users to have access. My idea is to create the policy and link it to the…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2023-12-07T10:02:09+00:00
Anonymous
answered 2025-02-19T19:38:49+00:00
Anonymous
2 answers
GPO failed to apply to domain computers
I've created a policy on GPO to block usb device for all domain users but it's not worked with some PCs. It seems like the policy couldn't apply to those PCs. Please help me to find the solution for this issue. Thanks!
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2024-10-25T12:14:39+00:00
Anonymous
answered 2025-02-19T07:12:22+00:00
Anonymous
2 answers
Windows Server 2019 Not Allowing Minimum Password Length Greater Than 14 Characters
WS 2019 GPO Minimum Password policy requires greater than 15 characters based on corp policy. GP does not allow for the policy characters to be above 14. Server is on latest build 1809 v 17763.1.amd64fre.rs5_release.180914-1434. There is also no…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2024-11-26T20:46:56+00:00
Anonymous
answered 2025-02-06T00:46:22+00:00
Anonymous
2 answers
One of the answers was accepted by the question author.
specific profile for admin rights in Windows Server AD environment
Dear colleagues :) Please could you help me with one task, that I cannot solve myself. I would need to design an account in Windows Server AD, which could install/uninstall software, but cannot add/change/remove user accounts on that server. Could that…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2024-09-17T13:37:07+00:00
Anonymous
answered 2025-02-03T10:36:56+00:00
Anonymous
1 answer
If i apply Software restriction policy to block exe files, can't we install software remotely from third party software like desktop central on the machines
If i apply Software restriction policy in active directory using Group Policy to block exe files, can't we install software remotely from third party software like manage engine desktop central on the machines?
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2024-08-21T13:24:20+00:00
Anonymous
answered 2025-02-03T06:54:24+00:00
Anonymous
2 answers
Sounds admx on Windows Server 2012
Hello, we're having issue with Enhanced Audio Options in Windows Sound settings. The immediate issue is that Teams call audio is non-existing - only seems to be an issue within Teams - however, we've found resolution in manually toggling Enhanced Audio…
Windows for business | Windows Server | Directory services | Deploy group policy objects
asked 2025-01-29T14:30:40+00:00
Anonymous
answered 2025-01-31T12:34:44+00:00
Anonymous