[THIN] Re: OT: Group Policies in Organizational Unit
- From: "Scott R" <sreichardt@xxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Sun, 22 Jun 2003 15:34:53 -0500
On option 2, which entry do I give a deny to. This is under the security
tab for the properties of the gpo right? I tried giving domain admins deny
to read, but that didnt work. Unless I just have to let it sit for a while.
----- Original Message -----
From: "Frank Monroe" <Frank.Monroe@xxxxxxxxxxx>
To: <thin@xxxxxxxxxxxxx>
Sent: Sunday, June 22, 2003 3:16 PM
Subject: [THIN] Re: OT: Group Policies in Organizational Unit
> You have two options.
>
> 1) Add a gpo that is in the listed of the locked down GPO that reverses
> that GPO and under security, allow only domain admins access to it.
>
> 2) or, add a deny entry for domain admins under security for the locked
down
> GPO.
>
> I would do number 2.
>
> -----Original Message-----
> From: Scott R [mailto:sreichardt@xxxxxxx]
> Sent: Sunday, June 22, 2003 4:13 PM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: OT: Group Policies in Organizational Unit
>
>
> OK, its all working, but now I created another OU and added Domain Admin's
> to it. I apply a new group policy on that but the other gpo for the
> computers in the other OU are still in effect even though I log in as a
> domain admin. Is there something I have to do to make it look at the new
OU
> first or something? I'm trying to make it so when a domain admin logs in,
> he is not locked down like normal users.
>
>
> ----- Original Message -----
> From: "Frank Monroe" <Frank.Monroe@xxxxxxxxxxx>
> To: <thin@xxxxxxxxxxxxx>
> Sent: Friday, June 20, 2003 5:28 PM
> Subject: [THIN] Re: OT: Group Policies in Organizational Unit
>
>
> > Scott,
> >
> > I am glad to hear that this is now working for you. But, not to
disagree
> > with Rob, you don't have to be in native mode to make Loopback policies
> > work. We were using loopback over a year before we switched to native
> mode
> > without issue.
> >
> > -----Original Message-----
> > From: Scott R [mailto:sreichardt@xxxxxxx]
> > Sent: Friday, June 20, 2003 12:03 PM
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: OT: Group Policies in Organizational Unit
> >
> >
> > Ok, I changed to Native mode and waited about 45 minutes. Still no go.
> > After looking at my setup that is working at another office with the
> single
> > dc...i did notice something different. Under the properties of existing
> > OU's (My citrix servers...domain controllers), there are tabs for
General,
> > Managed By, Object, Security and Group Policy. At the office with 2
dc's
> > the properties for the ou's dont have the tabs Object, and Security.
What
> > would cause that and could that be an indication of what's wrong?
> >
> > This wouldnt happen to be a dns problem would it? I have the first dc
as
> a
> > dns server.
> >
> >
> > ----- Original Message -----
> > From: "Ron Oglesby" <roglesby@xxxxxxxxxxxx>
> > To: <thin@xxxxxxxxxxxxx>
> > Sent: Friday, June 20, 2003 11:03 AM
> > Subject: [THIN] Re: OT: Group Policies in Organizational Unit
> >
> >
> > > Well you have to be in Native mode (per some MS article) for this to
> > > work properly (of course you cant have any down level domain
controllers
> > > when you do this...)
> > >
> > > Anyway the location for the policy is found in the GPO at:
> > > Computer Configuration\Administrative Templates\Group Policy\User
Group
> > > Policy loop Back processing mode.
> > >
> > > I have mine enabled and set to replace. (depending on the client...)
> > >
> > > Ron Oglesby
> > > Senior Technical Architect
> > > =20
> > > RapidApp
> > > Office 312.372.7188
> > > Mobile 815.325.7618
> > > email roglesby@xxxxxxxxxxxx
> > > =20
> > >
> > > -----Original Message-----
> > > From: Scott R [mailto:sreichardt@xxxxxxx]=20
> > > Sent: Friday, June 20, 2003 10:59 AM
> > > To: thin@xxxxxxxxxxxxx
> > > Subject: [THIN] Re: OT: Group Policies in Organizational Unit
> > >
> > > I'm not sure where the loopback processing option is. And I don't
have
> > > it
> > > in native mode. Would switching it to native mode fix it?
> > >
> > >
> > > ----- Original Message -----
> > > From: "Ron Oglesby" <roglesby@xxxxxxxxxxxx>
> > > To: <thin@xxxxxxxxxxxxx>
> > > Sent: Friday, June 20, 2003 10:49 AM
> > > Subject: [THIN] Re: OT: Group Policies in Organizational Unit
> > >
> > >
> > > > Do you have the loopback processing option enabled in the policy and
> > > is
> > > > the domain in Native mode?
> > > >
> > > > Ron Oglesby
> > > > Senior Technical Architect
> > > > =3D20
> > > > RapidApp
> > > > Office 312.372.7188
> > > > Mobile 815.325.7618
> > > > email roglesby@xxxxxxxxxxxx
> > > > =3D20
> > > >
> > > > -----Original Message-----
> > > > From: Scott R [mailto:sreichardt@xxxxxxx]=3D20
> > > > Sent: Friday, June 20, 2003 10:42 AM
> > > > To: thin@xxxxxxxxxxxxx
> > > > Subject: [THIN] OT: Group Policies in Organizational Unit
> > > >
> > > > Content-Type: text/plain;
> > > > charset=3D3D"iso-8859-1"
> > > > Content-Transfer-Encoding: quoted-printable
> > > >
> > > > I have two Domain Controllers in my win2k domain. I put two member =
> > > =3D3D
> > > > servers (citrix servers) in their own Organizational Unit. I apply a
> > > new
> > > > =3D3D
> > > > group policy on that OU but it never takes. I have to go to each
> > > server
> > > > =3D3D
> > > > locally and set the group policy. I had this working perfectly at a
> > > =3D3D
> > > > different office with only one Domain Controller and I'm doing the
> > > same
> > > > =3D3D
> > > > thing here. Is there something different I have to do with two DC's?
I
> > > =3D
> > > > =3D3D
> > > > know their talking to each other because when I add a new user it
> > > shows
> > > > =3D3D
> > > > on the other dc. Also, domain policies arent working either...I have
> > > to
> > > > =3D3D
> > > > use Local policies on each server. It's like their not participating
> > > in
> > > > =3D3D
> > > > the domain, but I know they are. Users login to the domain =
> > > fine.=3D3D20
> > > >
> > > > Thanks
> > > >
> > > >
> > > >
> > > > -- No attachments (even text) are allowed --
> > > > -- Type: image/gif
> > > > -- File: spacer.gif
> > > >
> > > >
> > > > ********************************************************
> > > > This weeks sponsor - RTOSoft TScale=3D20
> > > > Complaints about applications response time - DO SOMETHING ABOUT IT!
> > > > TScale 2.0 improves applications response time and increases
terminal
> > > > server capacity. Really get MORE from your existing servers! Free
> > > eval:
> > > > http://www.rtosoft.com/enter.asp?id=3D3D130
> > > > **********************************************************
> > > > Useful Thin Client Computing Links are available at:
> > > > http://thethin.net/links.cfm
> > > >
> > > > For Archives, to Unsubscribe, Subscribe or=3D20
> > > > set Digest or Vacation mode use the below link:
> > > > http://thethin.net/citrixlist.cfm
> > > > ********************************************************
> > > > This weeks sponsor - RTOSoft TScale
> > > > Complaints about applications response time - DO SOMETHING ABOUT IT!
> > > > TScale 2.0 improves applications response time and increases
terminal
> > > > server capacity. Really get MORE from your existing servers! Free
> > > eval:
> > > > http://www.rtosoft.com/enter.asp?id=3D130
> > > > **********************************************************
> > > > Useful Thin Client Computing Links are available at:
> > > > http://thethin.net/links.cfm
> > > >
> > > > For Archives, to Unsubscribe, Subscribe or
> > > > set Digest or Vacation mode use the below link:
> > > > http://thethin.net/citrixlist.cfm
> > >
> > > ********************************************************
> > > This weeks sponsor - RTOSoft TScale=20
> > > Complaints about applications response time - DO SOMETHING ABOUT IT!
> > > TScale 2.0 improves applications response time and increases terminal
> > > server capacity. Really get MORE from your existing servers! Free
eval:
> > > http://www.rtosoft.com/enter.asp?id=3D130
> > > **********************************************************
> > > Useful Thin Client Computing Links are available at:
> > > http://thethin.net/links.cfm
> > >
> > > For Archives, to Unsubscribe, Subscribe or=20
> > > set Digest or Vacation mode use the below link:
> > > http://thethin.net/citrixlist.cfm
> > > ********************************************************
> > > This weeks sponsor - RTOSoft TScale
> > > Complaints about applications response time - DO SOMETHING ABOUT IT!
> > > TScale 2.0 improves applications response time and increases terminal
> > > server capacity. Really get MORE from your existing servers! Free
eval:
> > > http://www.rtosoft.com/enter.asp?id=130
> > > **********************************************************
> > > Useful Thin Client Computing Links are available at:
> > > http://thethin.net/links.cfm
> > >
> > > For Archives, to Unsubscribe, Subscribe or
> > > set Digest or Vacation mode use the below link:
> > > http://thethin.net/citrixlist.cfm
> >
> > ********************************************************
> > This weeks sponsor - RTOSoft TScale
> > Complaints about applications response time - DO SOMETHING ABOUT IT!
> > TScale 2.0 improves applications response time and increases terminal
> > server capacity. Really get MORE from your existing servers! Free eval:
> > http://www.rtosoft.com/enter.asp?id=130
> > **********************************************************
> > Useful Thin Client Computing Links are available at:
> > http://thethin.net/links.cfm
> >
> > For Archives, to Unsubscribe, Subscribe or
> > set Digest or Vacation mode use the below link:
> > http://thethin.net/citrixlist.cfm
> > ********************************************************
> > This weeks sponsor - RTOSoft TScale
> > Complaints about applications response time - DO SOMETHING ABOUT IT!
> > TScale 2.0 improves applications response time and increases terminal
> > server capacity. Really get MORE from your existing servers! Free eval:
> > http://www.rtosoft.com/enter.asp?id=130
> > **********************************************************
> > Useful Thin Client Computing Links are available at:
> > http://thethin.net/links.cfm
> >
> > For Archives, to Unsubscribe, Subscribe or
> > set Digest or Vacation mode use the below link:
> > http://thethin.net/citrixlist.cfm
> >
>
> ********************************************************
> This weeks sponsor - RTOSoft TScale
> Complaints about applications response time - DO SOMETHING ABOUT IT!
> TScale 2.0 improves applications response time and increases terminal
> server capacity. Really get MORE from your existing servers! Free eval:
> http://www.rtosoft.com/enter.asp?id=130
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thethin.net/links.cfm
>
> For Archives, to Unsubscribe, Subscribe or
> set Digest or Vacation mode use the below link:
> http://thethin.net/citrixlist.cfm
> ********************************************************
> This weeks sponsor - RTOSoft TScale
> Complaints about applications response time - DO SOMETHING ABOUT IT!
> TScale 2.0 improves applications response time and increases terminal
> server capacity. Really get MORE from your existing servers! Free eval:
> http://www.rtosoft.com/enter.asp?id=130
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thethin.net/links.cfm
>
> For Archives, to Unsubscribe, Subscribe or
> set Digest or Vacation mode use the below link:
> http://thethin.net/citrixlist.cfm
********************************************************
This weeks sponsor - RTOSoft TScale
Complaints about applications response time - DO SOMETHING ABOUT IT!
TScale 2.0 improves applications response time and increases terminal
server capacity. Really get MORE from your existing servers! Free eval:
http://www.rtosoft.com/enter.asp?id=130
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
Other related posts:
