Solved

Terminal Server Group Policy

Posted on 2007-03-26
2
470 Views
Last Modified: 2013-11-21
I have an enviroment where we are running a couple of Terminal Servers as well as a bunch of PC's.  I want to create a locked down Group Policy object that will only apply to user when they are logged onto the Terminal Server.  I have an OU with only my Terminal Servers in it, and I have s Separate OU with all of my users.  I have two issues right now. Currently the policy is applying on the User's PC which we cannot have.  The only other thing that I can think of doign is enable Loop Back Policy, but I don't the administrative users to have any policy applied.  What other options do I have here.
0
Comment
Question by:rshooper76
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 8

Expert Comment

by:b0fh
ID: 18794579
The answer is to use multiple policies; Use a policy on the Users' OU (to be applied anywhere the users in the OU  login) and a separate policy for the TS machines (for anyone logging into a Terminal Server in that OU).  

Did you run a gpupdate after applying the policies?  Did you reboot the Terminal Server(s)?  The policy must be "read" to be used.  It sounds as if your user policy has been read already, but might have been applied improperly.

It sounds as if you're halfway there, but may have just mixed up your policies.
0
 
LVL 85

Accepted Solution

by:
oBdA earned 500 total points
ID: 18802742
There is no other option than using the Loopback processing.
To prevent the loopback policies from applying to admin accounts, you can use security group filtering. Create one GPO enabling the Loopback processing, leave the default security settings. Create a different GPO for the user settings, create a security group, remove the default "Authenticated Users" from the Read and Apply permissions to this GPO (or from the Security Filtering list if using GPMC), and add this security group instead. Add all user accounts to which the policies should be applied to the group.

Loopback processing of Group Policy
http://support.microsoft.com/?kbid=231287
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The environment that this is running in is SCCM 2007 R2 running on a Windows 2008 R2 server. The PXE Distribution point is running on its own Windows 2008 R2 box. This is what Event viewer showed after trying to start the WDS service:  An erro…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question