[gptalk] Re: Terminal Server Group Policy
- From: "Justin Salandra" <jsalandra@xxxxxxxxxxxxx>
- To: <gptalk@xxxxxxxxxxxxx>
- Date: Wed, 17 Oct 2007 13:57:13 -0400
I got it to work, turned out that even though Administrators was deny
apply group policy account and the computer account is not a part of
that group, the security filtering denied the policy to everyone. Once
removed, all worked great
Justin A. Salandra
Director of Technology
Citadel Perimeter
62 William Street
New York, NY 10005
Office 212.931.8830 x209
Cell 917.455.0110
jsalandra@xxxxxxxxxxxxx
________________________________
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Omar Droubi
Sent: Tuesday, October 16, 2007 12:03 PM
To: gptalk@xxxxxxxxxxxxx
Subject: RE: [gptalk] Terminal Server Group Policy
sounds like two separate issues- but may be related.
by default the remote desktop users group is allowed logon through
terminal services (w2k3) on w2k you should only need to add the
necessary group to "Allow log on through terminal services- but you may
also need to add allow logon locally
Are your users members of the Remote Desktop Users group on the local
terminal server?
What are the security filtering settings on the GPO in question. If you
are using GPMC- which you should be- on the general page of the GPO
properties you it will list which groups the policy applies to. (if the
page is not named general- then it is the left most page in the task
pane of the GPMC)
As for your restricted groups- which groups are you managing with this
policy and is the policy applied to the OU that contains the terminal
servers?
Omar
________________________________
From: gptalk-bounce@xxxxxxxxxxxxx on behalf of Justin Salandra
Sent: Tue 10/16/2007 8:10 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Terminal Server Group Policy
I have a terminal server setup with a group policy being applied,
however even though all permissions are correct and the user account and
computer account both have access to read and apply the policy, you are
unable to login as the user and the computer itself reports that
Security Filtering is denying the policy.
We are using restricted groups in the group policy and a new group
created within AD was added as a member of that group so the end user
has the rights to login, but because the policy is not applying, it is
not working.
There are no errors in the System or Application log, all seems to be
working, any ideas?
Justin A. Salandra
Director of Technology
Citadel Perimeter
62 William Street
New York, NY 10005
Office 212.931.8830 x209
Cell 917.455.0110
jsalandra@xxxxxxxxxxxxx
Other related posts:
