I have a problem with GPO not applying things the way I think they should be. The problem I'm having is that when a non-administrator logs into the rd server they get their regular desktop. If they click on the windows logo they go to the tiled page which includes things like administrative tools, control panel and other things that they shouldn't have access to.
I've gone through the local security policy and turned off everything, that shouldn't be there. There is also a GPO specifically for remote users.
I've run the GP Modeling wizard and two things have got me wondering.
1. Get this error AD/Sysvol version mismatch. This is supposed to be fixed by a rollup issued Jan 2014, which I have already installed. I downloaded a hot fix, but that was supposed to have been included in the rollup, so I haven't installed it.
2. It says policy definitions (ADMX files) retrieved from local computer. I'm wondering if I don't have all of the proper ADMX files. For one thing the group policy talks about a deny access to control panel setting, which I can't find anywhere.
Should I download the full set of ADMX files from Microsoft? I recall seeing that somewhere during my research. Not sure what the next step should be at this point.