Solved

Locked Desktops

Posted on 2011-03-20
2
339 Views
Last Modified: 2012-05-11
Hi

We run Terminal Services with Citrix and most of our users have locked desktops and using a single locked desktop. The problem arises when something goes wrong its a noghtmare to fix. First off i can t get into the profile folder even tho im an administrator second for doing something simple like re creating a corrupt Outlook 2007 profile becasue the desktop is locked and there is no access to control panel i'm not sure how i can easily get that sorted with having to temp remove the user from the lock down group
Is there something im missing here? any wasy way to manage these users?
0
Comment
Question by:kingcastle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 8

Accepted Solution

by:
ActiveDirectoryman earned 250 total points
ID: 35177172


Are you using  terminal services profiles or roaming profiles?

If you are using roaming profiles for the users administrators by default do not have access to newly created profiles.  You can change this by enabling the " Add the Administrators security group to the roaming user profile share" group policy.  
Please clarify in detail what your terminal server configuration is.
0
 
LVL 36

Assisted Solution

by:Carl Webster
Carl Webster earned 250 total points
ID: 35177541
You need to deny the lockdown group policy from being applied to your admin.  On the GPO page, the last tab is Delegation IIRC.  Click the tab and then down in the bottom right corner, click that button.  Scroll down find your admins or add your admins and then find the setting Apply Group Policy and select the Deny box.  Now the policy will not apply to your admins (after the policy refreshes) and you can do what you need to do.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your vDisk VHD file gets deleted from the image store accidentally or on purpose, you won't be able to remove the vDisk from the PVS console. There is a known workaround that is solid.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question