Solved

Group Policy security settings..

Posted on 2009-07-10
4
225 Views
Last Modified: 2012-05-07
Ok after running gpresult on one of my terminal servers I noticed that the terminal server GPO wasnt being applied due to Security as in "Filtering: Denied (Security)".

So Im looking and that specific GPO is Linked to the Terminal Server OU (which contains all three TS servers, and it is Filtered to Authenticated Users and Terminal Server Computers and both of those have read and apply rights.

So do I evern need the Terminal Server Computers group listed under Filtering since the GPO is only linked to the Terminal Server OU?  Could that be whats causing this security failure?
0
Comment
Question by:Ben Hart
  • 2
  • 2
4 Comments
 
LVL 14

Accepted Solution

by:
amichaell earned 250 total points
ID: 24827309
So long as the GPO is only linked to the Terminal Server OU you can just filter on Authenticated Users, which is all authenticated users and computers.  
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 24827370
Sweet.. So I removed the terminal Server Computers from the filtering list and tonight when they all reboot I'll re-run gpresult and hopefully get better results.  
0
 
LVL 14

Expert Comment

by:amichaell
ID: 24827390
Great.  Let me know.  
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 24843124
Seems to have worked, gpresult now shows teh computer portion of that GPO as being applied.  thanks so much.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question