I currently have two Windows 2012R2 Domain Controllers. I recently stood up two Windows Server 2019 instances and promoted them to Domain Controllers. The plan is to eventually demote/retire the current 2012R2 instances when a few other applications in our environment have been migrated to a set of new (separate) 2019 instances.
I ran a gupdate /force on the 2019 DC instances and noticed that a "User Policy Update" failed message returned. Running gpupdate /force on my 2012 R2 instance returned no errors/failures. I used rsop on both servers (2012 and 2019) and noticed that a few of the settings available on the 2012 R2 DC instances are not available on the 2019 instances. See one example below:
I believe these missing settings is what's causing the "User Policy Failed" error I receive on the 2019 machines.
Since the plan is to eventually retire the 2012 R2 DC instances altogether, what is the best move to address these "missing" settings on the 2019 instances?:
- Edit the gpo's after the 2012 R2 DC's are decommed?
- Edit the gpo's before for the 2012 R2 DC's are decommed?
- Something else altogether?
I should note, after retiring/decomming the 2012R2 DC's in our environment there won't be any Windows Server 2012 R2 instances left. I appreciate any thoughts or suggestions on how best to proceed, thanks!
