[gptalk] Re: Terminal Server Group Policy

  • From: "Omar Droubi" <omar@xxxxxxxxxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Tue, 16 Oct 2007 09:02:48 -0700

sounds like two separate issues- but may be related.
by default the remote desktop users group is allowed logon through terminal 
services (w2k3) on w2k you should only need to add the necessary group to 
"Allow log on through terminal services- but you may also need to add allow 
logon locally
Are your users members of the Remote Desktop Users group on the local terminal 
What are the security filtering settings on the GPO in question. If you are 
using GPMC- which you should be- on the general page of the GPO properties you 
it will list which groups the policy applies to. (if the page is not named 
general- then it is the left most page in the task pane of the GPMC)
As for your restricted groups- which groups are you managing with this policy 
and is the policy applied to the OU that contains the terminal servers?


From: gptalk-bounce@xxxxxxxxxxxxx on behalf of Justin Salandra
Sent: Tue 10/16/2007 8:10 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Terminal Server Group Policy

I have a terminal server setup with a group policy being applied, however even 
though all permissions are correct and the user account and computer account 
both have access to  read and apply the policy, you are unable to login as the 
user and the computer itself reports that Security Filtering is denying the 


We are using restricted groups in the group policy and a new group created 
within AD was added as a member of that group so the end user has the rights to 
login, but because the policy is not applying, it is not working.


There are no errors in the System or Application log, all seems to be working, 
any ideas?


Justin A. Salandra

Director of Technology

Citadel Perimeter

62 William Street

New York, NY 10005

Office 212.931.8830 x209

Cell 917.455.0110




Other related posts: