Preventing GPO/login scripts when logging into a trusting forest 2003

doximagen
doximagen used Ask the Experts™
on
I have 2 forest with a 1-way forest trust. I will call them forest A and B.

A trust B

When an individual logs into A, with B credentials there is a 5 min. lag in their logon. Event logs say "GPO aborted....etc"

How can I block the application of policies from B to A?


Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2006

Commented:
you will have to block both.....the fact is, user B has logon scripts and GPO's applied....you log on with him then you will get them......i don't know of a way in this scenario to do what you are asking but will watch in case someone else has ideas

Author

Commented:
Isn't there a way to block those GPO's from running accross different forests?
Top Expert 2006

Commented:
you are calling an account from another forest, if you were able to block the GPO's then you may as well through your security off the top floor

Author

Commented:
Just to be clear...

I have an account in Forest B...
Forest A Trusts B
I login to Forest A with my Forest B credentials.
I am logging on to a workstation/server that is in Forest A as well.

How exactly do I prevent the GPO's from running when I am logging into the Forest A Server/workstation?
Top Expert 2006
Commented:
The GPO's are user based NOT computer based then and as i said, i know of no way to make this any different

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial