Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

Preventing Trusted W2k3 Domain's Logon Script in Trusting Win2k3 Domain

Avatar of homith
homith asked on
4 Comments1 Solution827 ViewsLast Modified:
Currently I have 2 Windows 2003 domains. Domain_A and Domain_B. There is a one way trust relationship between the two domains. Outgoing trust on Domain_B, and Incoming on Domain_A. All user accounts and regular desktops belong to Domain_A. Domain_B is a server farm consisting of mainly Citrix Presentation Server 4 servers publishing specific applications. Now, in Domain_A there are extensive logon scripts that are used which cause major problems on Domain_B when a user from Domain_A logs into the Citrix Farm. Is there a way to prevent logon scripts from Domain_A being processed and executed when a user of Domain_A logs onto via Citrix Presentation Server 4 after they have been authenticated via Web Interface to Domain_B? I would like to intercept Domain_A's logon scripts and have this authenticated user run logon scripts which are relevant to Domain_B. One important note tho, I cannot change or modify any login scripts or processed in Domain_A, only in Domain_B can I make these changes. The only thing I want from Domain_A is an authenticated user. The users in Domain_A access the Citrix servers published applications via the Citrix Web Interface. I don’t know if this is possible, however, even if the user in Domain_A could be authenticated via the Citrix Web Interface and actually run the published application as a local user of Domain_B that would solve my problem as well. Just an additional note, I have tried the Article ID : 924034 - How to prevent a computer from running a user logon script in Windows Server 2003 (http://support.microsoft.com/kb/924034) without success. I was thinking putting into place a Software Restriction GPO however that didnt seem to work to well. I could restrict things that the logon secript does but not the whole script itself.
Avatar of chrisnewman01

Our community of experts have been thoroughly vetted for their expertise and industry experience.

This problem has been solved!
Unlock 1 Answer and 4 Comments.
See Answers