Hello all-
I've got a client with GPOs assigned to Organizational Units (Windows 2003 AD structure) based upon geography. The OU structure is 4-layers deep (Global/Regional/Site/Remo
te office.) The problem is that is a global company and some support people around the world need to manage specific "Global" servers that are in the top-level OU (call it Global).
Now, if I live in Shanghai, China and I log in as lee.chang, I'll process all the GPOs especially the settings for my locale this includes Proxy and web settings (due to local laws, local web browsing could very well be restricted or turned off). All this makes sense and all users, even support personnel, will log in as themselves for daily operations.
Now, if certain desktop and IE settings are restricted for me in China, this will translate into restrictions when I try to RDP into my "Global" servers, correct? Also, if I have restricted Internet access in China and I RDP into a Global-based server, I won't be able to run Windows Update and any other Internet-based, correct? Finally, I'm not entirely clear on Loopback Processing and would this eliminate this problem?
Any and all feedback is appreciated.
Start Free Trial
