Hope someone can clear my head as I'm getting slightly confused with loopback policy.
I have a set of users scattered all over the domain that will eventually access some Term Servers
I have done the following
Created OU called Terminal Servers
Placed all Terminal Servers in the Terminal Servers OU
Created TS Machine Policy (enabled loopback to replace and linked it to OU, I have disable USER configuration on it.
Created a Group called terminal Server-GS and added all Terminal Server to group.
ON TS Machine Policy GPO I have removed authenticated users from it and added terminal Server-GS group and applied Read and Apply group policy on GPO. (Also denied TS Admins to this policy)
Now as my users are scattered all over the place how do I configure my TS Users Policy, I would like seperate GPO for TS Machine GPO and TS Users GPO
FOr the TS Users GPO Do I link this to the Terminal Server OU? , is this possible and best practice.
I would like to configure Folder redirection as well. Also do i configure loopback on the TS Users GPO?
Any help appreciated