ARCHIVED: Using Microsoft Windows 2000, how do I force a group policy to be applied?
When you make a change to a Group Policy Object (GPO), the change takes place on a Windows 2000 domain controller. The change then replicates to all other domain controllers in the Active Directory. All Windows 2000 computers in Active Directory check for modifications to GPOs at regular intervals. If there are changes, then they are applied during the next interval.
If you need to apply the change immediately, you can use one of the following commands to trigger the process:
- To refresh the group policy for the local computer, enter: secedit /refreshpolicy machine_policy
- To refresh the group policy for the user currently logged in, enter: secedit /refreshpolicy user_policy
These commands compare the currently applied GPO to the GPO located on the domain controllers. If nothing has changed since the last time the GPO was applied, then the GPO is skipped.
To force a GPO to be reapplied, whether or not changes have been made
to the GPO, use the /enforce switch:
secedit /refreshpolicy machine_policy /enforce
Once Windows 2000 accepts the request, it will display the following
message:
"Group policy propagation from the domain has been initiated for this computer. It may take a few minutes for the propagation to complete and the new policy to take effect. Please check Application Log for errors, if any."
This information was adapted from article 227448 at the Microsoft Help and Support web site.
Search Microsoft Help and Support.
Last modified on October 26, 2009.
