[gptalk] Re: access denied (security filtering)

  • From: jpsalemi@xxxxxxxxxxxxxxxxxxx
  • To: gptalk@xxxxxxxxxxxxx
  • Date: Thu, 13 Mar 2008 11:34:44 -0500

Hi Bill, 

The terminal server is a member of authenticated users, that's why that 
works. You could also apply the policy directly to the machine name, same 

If your users are separated, which is sounds like they are, the easiest 
way to do this is to have a loopback applied to authenticated users, in 
replace mode. Leave the user section blank. Then you can add user type 
policies over your terminal server OU, that will apply to different groups 
of users using filtering the way you are trying to.

Hope this helps,

"McDonald, William" <wmcdonald@xxxxxxxxxxxxx> 
Sent by: gptalk-bounce@xxxxxxxxxxxxx
03/12/2008 05:55 PM
Please respond to


[gptalk] access denied (security filtering)

I am trying to apply a gpo on a terminal server to an individual or small 
group of users. I have loopback set, but my gpo will only work if I put 
'authenticated users' in the scope. Any other group or user gets 'access 
denied (security filtering)' when you test the GPO in modelling. The 
terminal server belongs to a TS OU, and that is where my GPO is linked. 
Anyone see this before?
Bill McDonald
Systems Administrator II
Ebara Technologies, Inc. 
51 Main Avenue 
Sacramento, CA 95838 
Direct: (916) 923-7865 
Fax: (916) 920-5066 

Other related posts: