I must be missing something obvious here.
We have a GPO linked to a computer OU.
The GPO runs a VB logon script (a user policy) when users log on.
I was just about to enable loopback processing on this GPO to allow it to take effect, but I realized that it was already being applied to all users who log on to the PCs in the computer OU in question.
None of the GPOs in AD currently have loopback processing enabled (I checked all of them).
Does anyone know what might be going on here?
Best Answer
I eventually discovered that the GPO had been linked twice- and it was the other instance (linked to the "all users" OU) which had been applied all along.
Once I unlinked the GPO from the users OU (not shown in my screenshot), the expected behaviour (as far as requiring loopback processing to be enabled was concerned) was exhibited.
The GPO now does not apply the user settings to users logging on to PCs in the OU to which the GPO is applied- unless loopback processing is enabled. I am pleased that it now makes complete sense to me and, more importantly, unlinking the second instance of the GPO means printers are selectively mapped depending on the PC being logged on to.
Linking that GPO to a user OU would have given users the same experience irrespective of the PC they logged on to- which is not what we want as different printers are located near different groups of PCs.