Recently a question came up in the newsgroups about what the difference is between the set of partitions on a domain controller and the set of partitions on a global catalog server.  I wanted to take the opportunity to include the answer here and expand upon it slightly. The question specifically was, “In a multi-domain environment, what is the main difference between the partitions on a domain controller that is also a global catalog server, versus other domain controllers that are ... [More]

Well, we’ve made it through the debug logs for normal mode and merge mode and now it is on to replace mode and time to answer our original question, “In replace mode, when does the user configuration portion of policies which apply to the computer object get applied.  Is it applied when the computer starts up?  Or is it applied when a user logs on?” This post is part 3 of a 3 part series where we are examining the debug output for each policy processing mode: Loopback Policy Proce... [More]

This post is part 2 of a 3 part series where we are examining the debug output for each policy processing mode: Loopback Policy Processing Debug Series – Normal Mode Loopback Policy Processing Debug Series – Merge Mode Loopback Policy Processing Debug Series – Replace Mode In our last post, we reviewed the UserEnv log to see how policy is applied to workstations and users under normal circumstances.  In normal mode, processing of workstation group policy restricts itself to t... [More]

When it rains it pours I suppose.  Just after I dropped the last loopback policy processing post, I got an email from another friend at Microsoft asking about how replace mode actually works.  What he wanted to know exactly was when does the user configuration portion of policies which apply to the computer object get applied.  Is it applied when the computer starts up?  Or is it applied when a user logs on? It’s a fair question.  The loopback policy setting is ... [More]

  I wanted to follow-up on a previous post and respond to a newsgroup post with this loopback policy processing model. I am taking the inspiration for this from the newsgroup post though there is some deviation for the sake of the illustration.  Okay, let’s go. In our globally-applied Default Domain Policy, a screen saver timeout is set to 30 minutes. Right now, this is the only screen saver timeout policy in the domain. This policy setting exists in the User Configuration portion of... [More]

It’s not the first time that we’ve talked about it and it certainly won’t be the last – Microsoft’s well-intentioned proliferation of information sometimes can actually create confusion through incomplete information or contradiction, perceived or real.  Loopback policy processing is one of those technologies that is destined to fit into this bucket. It comes up pretty frequently in the newsgroups and not long ago we responded to one such question here:  ... [More]

Okay Microsoft, you are doing a good job of evangelizing Windows 7 and more importantly, this time around you are getting a lot of help from the consumers of the operating system.  People love the operating system and they are willing to spread the news for you – or maybe for themselves since everyone likes to bear good news.  You should be proud of that but you should also remember that everyone is going to find out about your new OS pretty much whether you advertise or not.&nbs... [More]