Re: Loopback Policy Not Taking Effect
- From: "Vera Noest [MVP]" <vera.noest@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 06 Jan 2009 12:31:04 -0800
You don't write to which OU you have linked the GPOs.
Both the Loopback GPO and the LOckdown GPO must be linked to the OU
which contains the Terminal Server accounts.
Also make sure that the option "disable Computer configuration" is
unchecked in both GPOs (I'm not sure of the exact wording).
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___
=?Utf-8?B?Tm9uY2VudHo=?= <Noncentz@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote on 06 jan 2009 in
microsoft.public.windows.terminal_services:
Afternoon All,.
I have been throught this puzzle before only to give up because
I got to busy with other matters but I am once again going to
tackle using GPO to lockdown my TS enviorment.
I have read numerous guides outlining how this process is done
(thx to Vera for the help) using this website as a template:
http://www.msterminalservices.org/articles/Managing-Terminal-Serv
ices-Group-Policy.html
I basically finished the tutorial but I am not seeing the
expected results.
- I went into Users and Computers and created a "Terminal
Servers" OU. Put both TS servers in the group
- I went to GP Management and Created a Loopback Policy as well
ad TS Lockdown Policy and assigned them mostly Computer
Configuration ...... some User level
- When looking at the scope of my GP's I have "Authenticated
Users" being effected including myself for now.
When I loggin to my TS I see that the GPO has been applied to
all users but only the USER CONFIGURATION. It seems as though
the machine settings are being filters????? ... I have no idea
why.......
A good example:
Loopback Policy
Filtering: Not Applied (Empty)
---- I have set the loopback but it is a Computer Configuration
so it is deemed empty
I created a test user that I am logging onto the TS with but
when I run a gpresult I get this back ( Slighly Edited for
Length)
---------------------------------
USER SETTINGS
--------------
CN=Marisa
Mckenna,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=mccoysales,DC=local
Last time Group Policy was applied: 1/6/2009 at 12:47:55 PM
Group Policy was applied from: mcsvr01.mccoysales.local
Group Policy slow link threshold: 500 kbps
Domain Name: MCCOYSALES
Domain Type: Windows 2000
Applied Group Policy Objects
-----------------------------
McCoy Wireless LAN Policy
Terminal Service Lockdown
Default Domain Policy
Local Group Policy
The following GPOs were not applied because they were
filtered out
-------------------------------------------------------------
------
Loopback Policy
Filtering: Not Applied (Empty)
Small Business Server - Windows Vista policy
Filtering: Denied (WMI Filter)
WMI Filter: Vista
Small Business Server Client Computer
Filtering: Not Applied (Empty)
The user is a part of the following security groups
---------------------------------------------------
Domain Users
Everyone
Remote Desktop Users
BUILTIN\Users
REMOTE INTERACTIVE LOGON
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
Web Workplace Users
Wireless Users
Prophet21_Users
Fluid Connector
CERTSVC_DCOM_ACCESS
You all do great work BTW... any help is greatly appreciated.
Noncentz
- Follow-Ups:
- Re: Loopback Policy Not Taking Effect
- From: Noncentz
- Re: Loopback Policy Not Taking Effect
- References:
- Loopback Policy Not Taking Effect
- From: Noncentz
- Loopback Policy Not Taking Effect
- Prev by Date: Loopback Policy Not Taking Effect
- Next by Date: Re: Loopback Policy Not Taking Effect
- Previous by thread: Loopback Policy Not Taking Effect
- Next by thread: Re: Loopback Policy Not Taking Effect
- Index(es):
Relevant Pages
|
