Resolution
fact
NetIQ Group Policy Administrator 4.0
symptom
Receive 'Access Denied' when running RSoP Analysis and specifying a User or Computer that are members of nested groups.
symptom
RSoP Analysis is not including Group Policies that pertain to nested groups that the User or Computer object is a member of.
cause
RSoP Analysis is not processing nested groups when computing Resultant Set of Policies.
fix
NetIQ Group Policy Administrator 4.0
symptom
Receive 'Access Denied' when running RSoP Analysis and specifying a User or Computer that are members of nested groups.
symptom
RSoP Analysis is not including Group Policies that pertain to nested groups that the User or Computer object is a member of.
cause
RSoP Analysis is not processing nested groups when computing Resultant Set of Policies.
fix
This issue is resolved in NetIQ Group Policy Administrator 4.0 Hotfix 41790
This hotfix provides the following improved functionality:
- You may experience improved performance when generating Comparison reports.
This hotfix corrects the following issues:
- Hotfix 41790 allows you to select a trusted domain when mapping security principals with the Domain Map.
- Hotfix 41790 corrects an issue where RSoP Analysis would not process certain nested groups when computing Resultant Set of Permissions. Hotfix 41790 correctly processes nested groups.
- Hotfix 41790 corrects an issue where the repository would not check in some changes to GPOs that included upgrade packages. Hotfix 41790 correctly checks-in changes to GPOs that include upgrade packages.
To install this hotfix, run GPA40000_Hotfix41790.exe on each GPA console computer.
This hotfix modifies the following files in the installation folders. By default, this folder is \Program Files\NetIQ\Group Policy Administrator 4.0:
- \Bin\faGPRInterface.dll
- \Bin\faGPR.dll
- \Bin\faTokPrv.dll
- \Bin\XML\GpoCompare\faADMFuncDiff.xsl
- \Bin\XML\GpoCompare\faGPODiffReportXML.xsl
- \Bin\XML\RSOP\faRsopAnalyzeGpsGpos.xsl
- \Bin\XML\Rsop\faRsopExecuteAccountTokenQuery.xsl
- \Bin\XML\Rsop\faRsopExecuteLdapQuery.xsl
- \Bin\XML\Rsop\faRsopHierarchy.xml
- \Bin\XML\Rsop\faRsopProcessLdapResult.xsl
For more information, contact NetIQ Technical Support.
Additional Information
Formerly known as NETIQKB42655