[gptalk] Re: Group Policy/AD delegation issueq

  • From: "Omar Droubi" <omar@xxxxxxxxxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Mon, 30 Jul 2007 09:41:42 -0700

Did you check on the machine the policy applied to that the remote
desktop checkbox was indeed checked and grayed out to verify that the
policy was indeed applied?


Next I would verify that the either the firewall on the machine in
questions is either disabled or allows the remote desktop protocol- even
many new Antivirus products have firewalls built in and can restrict
this function.


So I would 1st verify that it works without the GPO then uncheck the
checkbox- apply the GPO and try again.




From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Francis Revere
Sent: Monday, July 30, 2007 8:16 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Group Policy/AD delegation issueq


What I am attempting to do:  Create an AD group that has Full control of
a specific server in an OU and can remote into this server only within
the OU (for software installation).


What I have done and tried:  I have a group in AD called group1 with 2
members.  This group has been added to the security tab of a server,
called server1 with Full control.  I created a GPO called test and
defined the "Allow Login through Terminal Services" and to group1.
Within the scope, I applied the policy to the OU with server1 in it, and
added the server1 to the security filter.


This did not work for some reason.  I even went as far as logging into
server1 and adding group1 to the remote users group to no avail.


What am I missing????  I know that it is probably something really

Other related posts: