Terminal server - Restricted & Normal GPO

Posted on 2012-09-15
Medium Priority
Last Modified: 2012-11-20

I have a terminal server environment where the terminal servers have a single GPO that suits 99% of the time.
But I have just been asked to create a terminal server user/group that only has access to 2 programs and basically none of the rights of nearly every other Terminal Server user.

I understand I have to use Software Restriction Polices but I am battling to make it work

I have created a OU and placed the user in it, I have then created a GPO for that OU that has the Software Restrictions Policy but it always defaults to the existing terminal server GPO

Any/all help & suggestions would be appreciated
Question by:forsyths_au
  • 2
LVL 18

Expert Comment

by:Sushil Sonawane
ID: 38403063

Accepted Solution

forsyths_au earned 0 total points
ID: 38495714
My apologies for the late closing of this, I have been on leave.

As good as the experts post above was and thank you :) but my answer was in where I had actually put the GPO and user account

Author Closing Comment

ID: 38615942
As good as the experts post above was and thank you :) but my answer was in where I had actually put the GPO and user account

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question