Solved

Terminal Server Group Policy

Posted on 2007-03-26
2
450 Views
Last Modified: 2013-11-21
I have an enviroment where we are running a couple of Terminal Servers as well as a bunch of PC's.  I want to create a locked down Group Policy object that will only apply to user when they are logged onto the Terminal Server.  I have an OU with only my Terminal Servers in it, and I have s Separate OU with all of my users.  I have two issues right now. Currently the policy is applying on the User's PC which we cannot have.  The only other thing that I can think of doign is enable Loop Back Policy, but I don't the administrative users to have any policy applied.  What other options do I have here.
0
Comment
Question by:rshooper76
2 Comments
 
LVL 8

Expert Comment

by:b0fh
ID: 18794579
The answer is to use multiple policies; Use a policy on the Users' OU (to be applied anywhere the users in the OU  login) and a separate policy for the TS machines (for anyone logging into a Terminal Server in that OU).  

Did you run a gpupdate after applying the policies?  Did you reboot the Terminal Server(s)?  The policy must be "read" to be used.  It sounds as if your user policy has been read already, but might have been applied improperly.

It sounds as if you're halfway there, but may have just mixed up your policies.
0
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 18802742
There is no other option than using the Loopback processing.
To prevent the loopback policies from applying to admin accounts, you can use security group filtering. Create one GPO enabling the Loopback processing, leave the default security settings. Create a different GPO for the user settings, create a security group, remove the default "Authenticated Users" from the Read and Apply permissions to this GPO (or from the Security Filtering list if using GPMC), and add this security group instead. Add all user accounts to which the policies should be applied to the group.

Loopback processing of Group Policy
http://support.microsoft.com/?kbid=231287
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Description: Actually I found the below issue with some customers after migration from SMS 2003 to SCCM 2007 and epically if they change site code, some clients may appear in the console with old site code, plus old sites still appearing …
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question