cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Prompt for consent on secure desktop domain policy is failing to override local policy

null null
Copper Contributor

‎Aug 04 2019 11:37 AM - edited ‎Aug 05 2019 06:41 AM

‎Aug 04 2019 11:37 AM - edited ‎Aug 05 2019 06:41 AM

Prompt for consent on secure desktop domain policy is failing to override local policy

A domain gpo is set to prompt for consent on the secure desktop. The 1809 security baseline is applied as a local gpo with the -domainjoined argument. The domain policy is not overriding the local policy. This is LTSC 1809.

https://blogs.technet.microsoft.com/secguide/2018/11/20/security-baseline-final-for-windows-10-v1809...
1,367 Views
0 Likes
2 Replies
Reply
2 Replies
Aaron Margosis

‎Aug 26 2019 10:21 AM

‎Aug 26 2019 10:21 AM

Re: Prompt for consent on secure desktop domain policy is failing to override local policy

I don't understand the issue. It sounds as though both the domain and local policy apply the same setting. What's to override?

0 Likes
Reply
dretzer

‎Aug 26 2019 11:59 PM - edited ‎Aug 27 2019 12:00 AM

‎Aug 26 2019 11:59 PM - edited ‎Aug 27 2019 12:00 AM

Re: Prompt for consent on secure desktop domain policy is failing to override local policy

Open a PowerShell as admin on the machine in question and type:

 

gpresult /h c:\report.html

 

Open the report in your browser and scan through it. You will see each policy that gets applied (local and domain). You also see the order in which they got applied, how long it took, the reason of failure if one fails and each an every configured setting. Each setting shows you exactly from which policy it came.

 

You should be able to narrow down your problem this way.

@null null 

0 Likes
Reply