Solved

Preventing GPO/login scripts when logging into a trusting forest 2003

Posted on 2006-10-21
5
328 Views
Last Modified: 2010-04-18
I have 2 forest with a 1-way forest trust. I will call them forest A and B.

A trust B

When an individual logs into A, with B credentials there is a 5 min. lag in their logon. Event logs say "GPO aborted....etc"

How can I block the application of policies from B to A?


0
Comment
Question by:doximagen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17782817
you will have to block both.....the fact is, user B has logon scripts and GPO's applied....you log on with him then you will get them......i don't know of a way in this scenario to do what you are asking but will watch in case someone else has ideas
0
 

Author Comment

by:doximagen
ID: 17784241
Isn't there a way to block those GPO's from running accross different forests?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17785420
you are calling an account from another forest, if you were able to block the GPO's then you may as well through your security off the top floor
0
 

Author Comment

by:doximagen
ID: 17787799
Just to be clear...

I have an account in Forest B...
Forest A Trusts B
I login to Forest A with my Forest B credentials.
I am logging on to a workstation/server that is in Forest A as well.

How exactly do I prevent the GPO's from running when I am logging into the Forest A Server/workstation?
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 17792519
The GPO's are user based NOT computer based then and as i said, i know of no way to make this any different
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question