asked on

Group policy not working

I created an OU in AD and put my terminal server in it.
I then created a policy and selected the option to remove and disable the shut down command from the start menu.
On the terminal server from a command prompt, I ran gpupdate
No errors in the event log.
I did this about 3 hours ago and I still have the shutdown button on the start menu.

Any clues?

Thanks,
Mike

ASKER CERTIFIED SOLUTION

oBdA

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

mcrossland

ASKER

ODBA,
This rings a bell.
Last year I migrated an NT4 domain to a 2003 AD, exchange 2003, 2003 terminal server.
I really wanted to lock down the terminal server because users were constantly trashing the old nt4 terminal server.
I believe I used this article at that time http://support.microsoft.com/kb/278295/en-us
It worked out Great! I didn't have to create a second policy as you stated. I just used the loopback setting (replace) and then continued on with locking down user settings. I've just taken that direction with this particular site and will see if I run into any issues with that. Please take a look at the article that I posted and see if you see anything wrong with going that route.

Thanks,
Mike

oBdA

It's easier to keep track of what's happening if you have different GPOs for users and computers, and it's easier to control access with security group filtering if they're separate, too.
And having a dedicated Loopback GPO makes it immediately clear what's happening in that OU.

mcrossland

ASKER

Good point. I'll give that a shot.

mcrossland

ASKER

oBda,
Your time to completely explain the solution is greatly appreciated.
My issue is resolved.

Thank you,
Mike