ken_nplMemberMar 30, 2011 at 2:42 pm #154038
I’ve been working on this through searching to the best of my ability, and I’m just stumped….
I’m setting up a new Group Policy for a public library’s Computer Lab. As such, I’m restricting access to certain items, and it works like a charm. Sometimes. I’m having problems with machines intermittently loading the GPO. I haven’t been able to get consistent results. Of the 10 machines, 5 will load the GPO correctly and 5 won’t. Reboot all machines and the previous 5 that didn’t load correctly, load fine. I’ve attributed this to a couple of problems I have…
1) I have the machines set to delete all profiles on reboot (I can’t have people saving naughty pictures on the computers then Grandma sitting down next and seeing them). This causes the GPO to have to load on everyboot. The machines each boot at least 10 times per day…
2) OpenDNS. Being a public computer lab, we need a cheap/free web filtering solution and I’ve implemented OpenDNS. I’m almost sure this is where the problem is…I’ve set OpenDNS on the DNS Server “Forwarding” per OpenDNS’s instructions here:
When the GPO fails to load, if I run an nsloopup from the client to my DNS Server (dc1.XXX.lib.XX.us), I get IP Addresses for OpenDNS’s servers. This bothers me.
If I disable the OpenDNS forwarding, the GPO’s load much more consistently (though I still can’t say 100%)
I’ve done enough searching to come across DeleGate, but don’t want to go down that road until I’ve made sure I’ve covered all my bases first.
I can provide dnslint and dcdiag both PASS my DNS test. (I can provide complete logs if necessary)
Any ideas here?
You must be logged in to reply to this topic.