Re: Using AD policies with Citrix and normal desktops


From: Cary Shultz [A.D. MVP] (cwshultz_at_mvps.org)
Date: 06/17/04


Date: Thu, 17 Jun 2004 06:06:16 -0400

Richard,

In addition to what Matjaz suggested ( which is, naturally, right on the
mark ) I might suggest that you use the following link to help you lock down
the TS via Group Policy:

http://support.microsoft.com/?id=278295

This will give you a start. Consider using Replace Mode! You will want to
make sure that you redirect the user's My Documents folder to the same
location via the TS GPO as you do via the 'desktop' GPO. Also, if you
choose to redirect other items ( such as the Start Menu ) then I suggest
that you create another location for that particular item ( such as
\\servername\startmenu\%username% ). If you redirect everything to the same
location you are going to have problems! Additionally, you might consider
using a security group to filter this as I am sure that you will not want
the Administrator account ( and possibly others? ) to be affected by this
GPO when logging on to the TS.

A quick note on using security groups to filter which user account objects
are affected by a particular GPO: simply create a security group and make
all of the user account objects that you want to be affected by this TS GPO
members of the security group. Next, on the GPO itself select Properties
and then select the Security Tab. First add that security group that you
created and make sure that it has the READ and APPLY GROUP POLICY rights.
Next, remove the AUTHENTICATED USERS security group.

I might suggest, though, that you set up a lab environment and play with
this. That is, if you have the resources!

HTH,

Cary

"Matjaz Ladava [MVP]" <matjaz@ladava.com> wrote in message
news:uUbhQf5UEHA.3336@TK2MSFTNGP11.phx.gbl...
> Use loopback policy processing on the OU that has TS servers
> http://support.microsoft.com/default.aspx?scid=231287
>
> Regards
>
> Matjaz
>
> "Richard Smit" <r_smit@wanadoo.nl> wrote in message
> news:1ce3901c4538a$0a8706b0$a301280a@phx.gbl...
> > Anybody who can help me,
> >
> > We want to use AD policies to, for example redirect a
> > desktop. Is it possible to detect if a user logs on to
> > terminal server and then use policy X and if the user logs
> > on to a normal desktop use policy Y because on the normal
> > desktop we don't want to redirect the desktop?
> >
> > Is this possible?
> >
> > Thanks,
> >
> > Richard Smit
> > HES Amsterdam
> >
>
>
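
The loopback Replace mode and security-group filtering steps discussed in this thread, as an added example that is not part of the original posts: a PowerShell script using the GroupPolicy and ActiveDirectory RSAT modules, which postdate the thread. The GPO name, group name and exempt account list are hypothetical, and the GPO is assumed to exist already and be linked to the OU holding the terminal servers. It leaves Authenticated Users with Read rather than removing the entry outright, because clients patched with MS16-072 retrieve user GPOs in the computer's security context.

```powershell
# Added example. Assumes the GroupPolicy and ActiveDirectory RSAT modules.
Import-Module GroupPolicy, ActiveDirectory

# Hypothetical names: substitute your own GPO, group and exempt accounts.
$GpoName   = 'TS Lockdown'
$GroupName = 'TS-Restricted-Users'
$Exempt    = @('Administrator')

# Loopback processing in Replace mode (1 = Merge, 2 = Replace).
Set-GPRegistryValue -Name $GpoName `
    -Key 'HKLM\Software\Policies\Microsoft\Windows\System' `
    -ValueName 'UserPolicyMode' -Type DWord -Value 2 | Out-Null

# Security filtering: the group gets Read + Apply Group Policy.
Set-GPPermission -Name $GpoName -TargetName $GroupName `
    -TargetType Group -PermissionLevel GpoApply | Out-Null

# Authenticated Users: drop Apply, keep Read. -Replace is required because
# Set-GPPermission will not lower an existing permission level without it.
Set-GPPermission -Name $GpoName -TargetName 'Authenticated Users' `
    -TargetType Group -PermissionLevel GpoRead -Replace | Out-Null

# Check 1: only the filter group should hold GpoApply on this GPO.
$apply = Get-GPPermission -Name $GpoName -All |
    Where-Object { $_.Permission -eq 'GpoApply' }
$unexpected = $apply | Where-Object { $_.Trustee.Name -ne $GroupName }
if ($unexpected) {
    Write-Warning ("Unexpected Apply rights: " + ($unexpected.Trustee.Name -join ', '))
}

# Check 2: exempt accounts must not be (nested) members of the filter group.
$members = Get-ADGroupMember -Identity $GroupName -Recursive
$leaked  = $members | Where-Object { $Exempt -contains $_.SamAccountName }
if ($leaked) {
    Write-Warning ("Exempt accounts in group: " + ($leaked.SamAccountName -join ', '))
}
```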


