Solved

Removing Loopback Processing

Posted on 2010-11-22
6
550 Views
Last Modified: 2012-05-10
I have gotten hung up in setting up Loopback processing mode on a new terminal server. Here are my environment details.

Windows 2003 Server (all SPs and updates) running Terminal Services
on a Windows SBS 2008 domain.

Created TS OU
Moved TS computer to this OU
Created Terminal Server Security Group (Global)
Created TS Users Security Group (Global)
Created GPO linked to TS OU with just Loopback Processing enabled
Created GPO linked to TS OU with restricted user settings

I successfully applied the Loopback policy and my restrictions worked perfectly, however I missed the step in denying "Apply Policy" to the admin group so admins were restricted also. Adding the deny permission did not resolve it, so I used the restricting GPO to reverse all settings, ran gpupdate /force, rebooted and had full access again for all users.

I then decied to start from scratch. Disabled Loopback in GPO, gpupdate /forced, rebooted. Removed all policies from the TS OU Moving the TS computer back to default computers OU. Gpupdate and reboot TS computer. At this point logging on to the TS reapplied the loopback settings. I am uncertain where from though as the policies are not linked to any OUs.

Running RSoP does not show any of the settings that are being applied even though the TS is applying them.

This is incredably frustrating as i don't know where the policies are comming from.

I
0
Comment
Question by:baserik
  • 4
  • 2
6 Comments
 
LVL 22

Accepted Solution

by:
Matt V earned 200 total points
ID: 34191740
Removing a policy does not remove the options it pushed.  You will need to create an anti-policy that specifially disables/enables all the things you diabled/enabled in the TS policy that was applied to the Admin group.
0
 

Author Comment

by:baserik
ID: 34191766
I'm sorry I wasn't entirely clear, I had reversed the settings in the restricting GPO which cleared the settings for all users including admins. The anti-policy settings were left in place when disabled loopback processing and reboot. After reboot all the loopback settings reappear.
0
 

Author Comment

by:baserik
ID: 34191947
Ok thought I was getting somewhere but here is a more detailed update.

With all settings reversed set loopback to enabled. GPupdate /force then reboot.
full unrestricted log in all users.

Disbale Loopback Policy. GPupdate /force then reboot.
full unrestricted log in all users.

Set Loopback to "Not configured". GPupdate /force then reboot.
full unrestricted log in all users.

Move TS to default computer OU. GPupdate /force then reboot.
all restriced settings mysteriously reappear for all users.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Assisted Solution

by:baserik
baserik earned 0 total points
ID: 34193429
Ok I finally figured this one out.

I had a corrupt default profile on the Terminal Server. This was holding the restricted GPO settings and causing the logons to revert back to them when there wasn't another GPO to override them. Not sure how it happened but all is better now.

Thanks.
0
 
LVL 22

Expert Comment

by:Matt V
ID: 34193437
Thanks for the update, good to know the fix.
0
 

Author Closing Comment

by:baserik
ID: 34221357
I eventually found the problem. mattv... even though he didn't solve my problem he got me thinking about the policy application process.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Measure data usage per hotspot, on computer 3 54
ESXi VM of Server 2003 Saving Slow. 7 61
Dell Powerconnect Switch lost username/password 2 43
Bandwidth issues? 5 30
After several days of searching and hunting for limited documentation, I wanted to share this guide to hopefully save someone the hassle of trying to figure this out on their own. I have tested this on Xendesktop 7.1 and PS 4.5 running simultaneous…
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question