<div>
TSWEB uses Terminal Services, so you can either create a Local Policy or use a Group Policy in AD.<br />
<br />
A local policy will apply to the local system and everyone who logs into it, Administrator included.<br />
<br />
A group policy will apply to only those people who you want it to, depending on where you place it in the tree.<br />
<br />
My advice? &nbsp;Forget the local policy and/or registry changes to lock down the system, because your Administrator will get this applied as well. &nbsp;Create an OU in Active Directory, stick your server in the OU, create a GPO on the OU with your restrictions. &nbsp;Then place your Domain Admin account in an OU underneath that one and block policy inheritance.<br />

</div>


TSWEB uses Terminal Services, so you can either create a Local Policy or use a Group Policy in AD.

A local policy will apply to the local system and everyone who logs into it, Administrator included.

A group policy will apply to only those people who you want it to, depending on where you place it in the tree.

My advice?  Forget the local policy and/or registry changes to lock down the system, because your Administrator will get this applied as well.  Create an OU in Active Directory, stick your server in the OU, create a GPO on the OU with your restrictions.  Then place your Domain Admin account in an OU underneath that one and block policy inheritance.


<div>
pretxt is right, that's a better way of doing it.
</div>


pretxt is right, that's a better way of doing it.

<div>
<div class="content wysiwyg-content">
I am running TSWEB on Server 2000, I need to set group policies without locking out the administrator. &nbsp;Is there another way other then creating an OU Group Policy in AD?(Microsoft Knowledge Base Article 278295.) &nbsp;This way I need to create logon accounts for Temtinal Server users. &nbsp;
</div>
</div>


I am running TSWEB on Server 2000, I need to set group policies without locking out the administrator.  Is there another way other then creating an OU Group Policy in AD?(Microsoft Knowledge Base Article 278295.)  This way I need to create logon accounts for Temtinal Server users.  

Setting Group Policies for TSWEB Users

The Windows operating systems have distinct methodologies for designing and implementing networks, and have specific systems to accomplish various networking processes, such as Exchange for email, Sharepoint for shared files and programs, and IIS for delivery of web pages. Microsoft also produces server technologies for networked database use, security and virtualization.