Solved

Preventing GPO/login scripts when logging into a trusting forest 2003

Posted on 2006-10-21
5
324 Views
Last Modified: 2010-04-18
I have 2 forest with a 1-way forest trust. I will call them forest A and B.

A trust B

When an individual logs into A, with B credentials there is a 5 min. lag in their logon. Event logs say "GPO aborted....etc"

How can I block the application of policies from B to A?


0
Comment
Question by:doximagen
  • 3
  • 2
5 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17782817
you will have to block both.....the fact is, user B has logon scripts and GPO's applied....you log on with him then you will get them......i don't know of a way in this scenario to do what you are asking but will watch in case someone else has ideas
0
 

Author Comment

by:doximagen
ID: 17784241
Isn't there a way to block those GPO's from running accross different forests?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17785420
you are calling an account from another forest, if you were able to block the GPO's then you may as well through your security off the top floor
0
 

Author Comment

by:doximagen
ID: 17787799
Just to be clear...

I have an account in Forest B...
Forest A Trusts B
I login to Forest A with my Forest B credentials.
I am logging on to a workstation/server that is in Forest A as well.

How exactly do I prevent the GPO's from running when I am logging into the Forest A Server/workstation?
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 17792519
The GPO's are user based NOT computer based then and as i said, i know of no way to make this any different
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question