By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Amazon Workspaces - applied WSP GPO has no effect?

0

Hi! I'm having an issue with the TimeZone Redirect GPO that is successfully applied to multiple Amazon Workspaces. We are Disabling the redirection but the settings are still inaccessible as we receive this message: "Unable to Continue - You do not have permissions to perform this task..."

Confirmed the GPO is applying successfully in gpmc.msc as well as the registry (HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Amazon\WSP\hc_toggle_timezone (0))

ref - https://docs.aws.amazon.com/workspaces/latest/adminguide/group_policy.html#gp_time_zone

The only difference is that I've created a sub OU to apply this GPO as opposed to updating the Default Domain Policy per the documentation (we shouldn't need to do that)

not solved - https://repost.aws/questions/QUaaJezwCER_-679V1xcqacg/aws-workspace-timezone-resetting-after-disable-timezone-redirection

not solved - https://repost.aws/questions/QUQephEiwKR6-BHocpz-JMug/in-workspace-to-maintain-the-timezone-as-utc-across-all-workspaces-i-created-the-gpo-settings-suggested-by-the-aws-but-the-gpo-rule-is-applying-on-few-workspaces-but-it-is-not-working-on-others

Topics
End User Computing
Tags
Amazon WorkSpaces
Language
English
rePost-User-0623581
asked a year ago380 views
2 Answers
1
Accepted Answer

For anyone that comes across this post, this is the current workaround (still not resolved)

  • open Command Prompt as an Administrator
  • run this command: tzutil /s "NAME_OF_TIMEZONE"
    • For example: tzutil /s "Pacific Standard Time"
    • If you would like to see a list of available time zones run: tzutil /L
    • If you want to see the current time zome run: tzutil /g

The support case I was working with ended with support stating that "Yes, at the moment that seems to be the only way to change it. I get the same error message as your screenshot. I wouldn't say it is by design but rather seems to be a bug on our end. I'll be reaching out to the WorkSpace Service Team and bringing it to their attention." and this is basically the only workaround for now.

rePost-User-0623581
answered a year ago
0

The error "Unable to Continue - You do not have permissions to perform this task" typically indicates you lack permissions to perform the Timezone redirect GPO task.

  1. Please verify if you are a member of the Domain Admins Group or have been delegated appropriate permissions by a member of Domain Admins Group.

  2. If you are trying to modify GPO as a member of Domain Admins Group, make sure that this user has appropriate permissions. You can check the Group policy creator owners group to verify if the user is present.

Once ensuring the permissions are proper, please make sure to do the following:

Reboot the WorkSpace (in the Amazon WorkSpaces console, select the WorkSpace, then choose Actions, Reboot WorkSpaces). In an administrative command prompt, enter gpupdate /force.

If you still face issues post this, please feel free to open a support case with AWS Workspaces team.

AWS
SUPPORT ENGINEER
Jeff_B
answered a year ago
  • rePost-User-0623581
    a year ago

    thanks Jeff All users provisioned with an Amazon Workspace are local admin, confirmed that I am as well, just be certain. The GPO is already created by a Domain Admin (me), applied successfully to the Workspace and confirmed via gpmc.msc so there is no need to modify further. The fact that this GPO is created and applied successfully renders part of #2 in your response, moot. But thanks for confirming that I needed to open a support case, for reference it's Case ID 12422473461 and should probably be escalated.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content