[gptalk] Re: Loopback Processing
- From: "Robert Tannehill" <bob@xxxxxxxxxxxxxxxxxx>
- To: <gptalk@xxxxxxxxxxxxx>
- Date: Thu, 10 May 2007 10:51:51 -0700
Justin,
We had that same thing with the Administrators needing to be exempt from the
loopback GPO on the Citrix boxes. We created a group like DenyGPOonCtx, put
the Admins in it, and using GPMC, delegation tab. Add the group, go to
Advanced button and set the "Apply Group Policy" permission to Deny. This
way you can leave the Security Filtering as Authenticated Users.
Regards,
Robert Tannehill
CSC
_____
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Salandra, Justin A.
Sent: Thursday, May 10, 2007 8:12 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Loopback Processing
Thanks
Justin A. Salandra
MCSE Windows 2000 & 2003
Network and Technology Services Manager
Catholic Healthcare System
646.505.3681 - office
917.455.0110 - cell
<mailto:jasalandra@xxxxxxxxxxx> jasalandra@xxxxxxxxxxx
_____
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Alan & Margaret
Sent: Thursday, May 10, 2007 9:18 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Loopback Processing
HI Justin,
No, this suggestion will work perfectly OK as well. The critical thing is
that the user settings must be in a policy connected to the OU containing
the server and the users must be set via security filtering to APPLY and the
administrators must either be in the deny group or not in the apply group.
Alan Cuthbertson
Policy Management Software:-
http://www.sysprosoft.com/index.php?ref=activedir
<http://www.sysprosoft.com/index.php?ref=activedir&f=pol_summary.shtml>
&f=pol_summary.shtml
ADM Template Editor:-
http://www.sysprosoft.com/index.php?ref=activedir
<http://www.sysprosoft.com/index.php?ref=activedir&f=adm_summary.shtml>
&f=adm_summary.shtml
Policy Log Reporter(Free)
http://www.sysprosoft.com/index.php?ref=activedir
<http://www.sysprosoft.com/index.php?ref=activedir&f=policyreporter.shtml>
&f=policyreporter.shtml
_____
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Salandra, Justin A.
Sent: Thursday, 10 May 2007 10:38 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Loopback Processing
I thought I read somewhere that even by doing that it won't have any affect.
I plan on testing the Group Policy today, just wanted to get a head start on
trying not to re-invent the wheel. Thanks
Justin A. Salandra
MCSE Windows 2000 and 2003
Network and Technology Services Manager
Catholic Health Care System
646.505.3681
cell 917.455.0110
jasalandra@xxxxxxxxxxx
_____
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Washington, Booker
Sent: Wednesday, May 09, 2007 3:38 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Loopback Processing
You can set the administrator account to deny for the policy.
Anyone else have any ideas?
_____
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Salandra, Justin A.
Sent: Wednesday, May 09, 2007 3:23 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Loopback Processing
I am setting up some Terminal Servers and wanted to ask a questions about
Loopback processing.
How can I make it so that the Administrator account does not have the User
Configuration of the policy applied to them when they logon to the Terminal
Server?
Justin A. Salandra
MCSE Windows 2000 & 2003
Network and Technology Services Manager
Catholic Healthcare System
646.505.3681 - office
917.455.0110 - cell
<mailto:jasalandra@xxxxxxxxxxx> jasalandra@xxxxxxxxxxx
Other related posts:
