I have a scenario where I have two Windows 2003 servers on an active directory domain (same organizational unit), and a single domain user is being used to log into each server via Remote Desktop (the user is a member of the administrators group).
On server1, I can access the "automatic updates" dialog via Control Panel -> Automatic Updats and can change the settings as expected.
On server2, the "automatic updates" dialog appears, but all the controls are grayed out.
Does anyone know what situations could occur that would cause this difference in behavior, again, noting that it's the same AD user that is accessing each server?
I've looked at the local policy on server2, based on suggestions provided below, but I am not sure which policy I'm looking for. None seemed to jump out at me, so any specific suggestion would be appreciated.
Scott
Best Answer
Group policy is probably the reason why this is happening. Group Policy can be applied an many levels, local, AD site, AD domain, OU. This order means that the local GPO is processed first, and GPOs that are linked to the organizational unit of which the computer or user is a direct member are processed last, which overwrites settings in the earlier GPOs if there are conflicts. (If there are no conflicts, then the earlier and later settings are aggregated.)
In addition there are essentially 2 versions- computer and User. Computer policy is applied first then the user policy when the user logs on. Check the group policies in the reverse of that order to find the offending policy. The simplest way to see what policies are applied is with the RSOP snapin