question

lra-4650 avatar image
0 Votes"
lra-4650 asked vipulsparsh-MSFT answered

Authentication to Azure

We have an on-prem domain syncing Users & Devices to our 365 (Azure) with AD Connect.

When an AD user authenticates against Azure (ie the login page has Access Work or School) the GPOs set on-prem do not apply to the User. Only Computer GPOs with Loopback Processing enabled apply.

The computer is still domain joined and the user exists on-prem and in Azure, so it's the same user account.
Can anyone explain what is happening? Or, how can I get them to apply?

Any help would be greatly appreciated.

azure-ad-connect
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

vipulsparsh-MSFT avatar image
0 Votes"
vipulsparsh-MSFT answered

Can you share the screenshot where the user is logging in actually ?

You are most probably talking about the Azure AD Domain Services which are capable of pushing GPO down to devices.
Loop back processing would mostly look for the place (OU) where the computer policies are stored and will only process computer policy and not the user policy.
You need to make sure that the user policy is also present in the same location for it to process.

Let me know if you have any questions.


If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.