Okay little background....

I have 2 citrix servers in a farm. I am pushing a GPO to both of them and on Citrix1, it works correctly. When I publish an application it works correctly. Now I am pushing out a webbased program. The program is set in the Trusted Sites of IE7 and when it launches, it shows up in Trusted Sites.

Now take the same application and when I publish it via Citrix2, it will not work. It shows up as Internet Sites instead of a Trusted Sites.

The GPO are exactly the same except for one thing. On Citrix1, rsop.msc shows only the domain policy (which is correct) but on Citrix2, rsop.msc shows both Domain policy and Local policy.

Now my question, is it a possiblity that Citrix2 is pushing out the local policy instead of the domain policy?

Any info would be great.

If you change the Polarity on the Flux Capacitor this should reverse the flow of Electrons therefor making the Policies you are dealing with swap application's...
Basically causing a shift in the time space continuum, linking our time with the LAND TIME FORGOT...

Just bring your shot gun, I hear there are some big animals there.

I'm pretty sure GPO happens in order of Local, Site, Domain, then Organizational unit. So the domain link should process after the local policy and take precedence. Are there any local policy's on citrix2 that aren't on citrix1?

Domain takes presidence over local policy.

Have you tried enabling the loopback policy on that citrix group policy? Also, why do you have 2 citrix policies? Why not just create an organizational unit and move your citrix servers into it then create one gpo. If you ever add another citrix server, you just move into that OU and all your settings are automatically configured. You may want to block inheritance also.

Toby, that is how i have it setup, but for some reason one of the servers was not working correctly with GPO that was running.

I ended up just reformatting and reinstalling win2k3 enterprise and now everything is working correctly. Think that there was an issue with the other install. It had been acting a little flaky to say the least

You could have just copied the policies from one machine to the other. It may have saved you a reinstall.

i had been having some other issues with that server besides the policy issue, so it wasnt the only thing i was thinking about....so not a big deal. It was a server that was not in production yet so it didnt hurt me any.

Took about 4 hours total to get everything back installed and working and working better than it has in awhile