Currently I have 2 Windows 2003 domains. Domain_A and Domain_B. There is a one way trust relationship between the two domains. Outgoing trust on Domain_B, and Incoming on Domain_A. All user accounts and regular desktops belong to Domain_A. Domain_B is a server farm consisting of mainly Citrix Presentation Server 4 servers publishing specific applications. Now, in Domain_A there are extensive logon scripts that are used which cause major problems on Domain_B when a user from Domain_A logs into the Citrix Farm. Is there a way to prevent logon scripts from Domain_A being processed and executed when a user of Domain_A logs onto via Citrix Presentation Server 4 after they have been authenticated via Web Interface to Domain_B? I would like to intercept Domain_A's logon scripts and have this authenticated user run logon scripts which are relevant to Domain_B. One important note tho, I cannot change or modify any login scripts or processed in Domain_A, only in Domain_B can I make these changes. The only thing I want from Domain_A is an authenticated user. The users in Domain_A access the Citrix servers published applications via the Citrix Web Interface. I don’t know if this is possible, however, even if the user in Domain_A could be authenticated via the Citrix Web Interface and actually run the published application as a local user of Domain_B that would solve my problem as well. Just an additional note, I have tried the Article ID : 924034 - How to prevent a computer from running a user logon script in Windows Server 2003 (http://support.microsoft.com/kb/924034
) without success. I was thinking putting into place a Software Restriction GPO however that didnt seem to work to well. I could restrict things that the logon secript does but not the whole script itself.