Search

Search for words used in entries on this website

Enter the words[s] to search for here:

Sponsors

GPO processing and ICMP

By coincidence I found a important issue with GPO processing today, concering ICMP traffic. Situation: when a client is able to contact the domain controller and download the group policy, but cannot ping it (ie: ICMP is disabled by a firewall), GPO processing will fail! Here is the official text from MS:

Networking Make sure that your network meets the requirements for change and configuration management technologies. Because Group Policy works with fully qualified domain names, you must have DNS running in your forest in order to correctly process Group Policy; you cannot use NETBIOS only. Also, because client or destination computers must be able to contact your network’s domain controllers, do not turn off the ICMP protocol. If destination computers cannot ping the domain controllers, Group Policy processing will fail. (url)

Name:			Remember personal info? Yes No
Email:
URL:
Comment:		Emoticons / Textile
Before sending a comment, you have to correctly answer a simple question you know the answer to. This is a countermeasure against automated spam bots. What are the first four letters of Techlog?     ( Register your username / Log in )
Notify:		Yes, send me email when someone replies.
Hide email:		Yes, hide my email address.
Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.