Solved

Group Policy security settings..

Posted on 2009-07-10
4
230 Views
Last Modified: 2012-05-07
Ok after running gpresult on one of my terminal servers I noticed that the terminal server GPO wasnt being applied due to Security as in "Filtering: Denied (Security)".

So Im looking and that specific GPO is Linked to the Terminal Server OU (which contains all three TS servers, and it is Filtered to Authenticated Users and Terminal Server Computers and both of those have read and apply rights.

So do I evern need the Terminal Server Computers group listed under Filtering since the GPO is only linked to the Terminal Server OU?  Could that be whats causing this security failure?
0
Comment
Question by:Ben Hart
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 14

Accepted Solution

by:
amichaell earned 250 total points
ID: 24827309
So long as the GPO is only linked to the Terminal Server OU you can just filter on Authenticated Users, which is all authenticated users and computers.  
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 24827370
Sweet.. So I removed the terminal Server Computers from the filtering list and tonight when they all reboot I'll re-run gpresult and hopefully get better results.  
0
 
LVL 14

Expert Comment

by:amichaell
ID: 24827390
Great.  Let me know.  
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 24843124
Seems to have worked, gpresult now shows teh computer portion of that GPO as being applied.  thanks so much.
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question