how to confiugre limited access citrix presentation server

This *will* work with group policies.
Create a dedicated OU "Terminal Server" or whatever, and move your terminal server(s) into this OU.
Create a GPO "Loopback" and link it to your Terminal Server OU; enable the Loopback mode as described in the article below, and set it to "Replace". Reboot the terminal server(s).
Do NOT configure any policies under "User Configuration" in the Loopback GPO. You can add policies under "Computer Configuration" to this OU, but it's useful to have the Loopback setting in a separate GPO, so that it's immediately clear that these machines are in GPO loopback processing mode.
You will now be able to link additional(!) GPOs with *user* settings to the Terminal Server OU; these GPOs will be processed for every user logging on to a terminal server, even though the user object is not in the TS OU. You can use the Security Filtering of the GPO to prevent the GPO application for administrators.
The regular "Desktop" user policies will not be applied, because the Loopback mode is set to "Replace", so you can start with a "clean slate" when applying the TS policies.

Loopback processing of Group Policy
http://support.microsoft.com/kb/231287

sorry for delay respond.
solution looks very good I just cant find   policy line  for restrict unrestrict  desktop for all users?

In the setup I described above, with GPO Loopback processing enabled for the terminal servers, *User* configuration policies linked the terminal servers OU will *only* be applied when a user logs on to a terminal server, not when he logs on to his local desktop.

i am talking about
documents and settings\all users\destkop
I when I enabled the policy I do not see icons from all users\desktop