http://blogs.technet.com/b/askds/archive/2013/05/21/back-to-the-loopback-troubleshooting-group-policy-loopback-processing-part-2.aspx
Security filtering requirements:
1. The computer account must have READ and APPLY permissions to the GPO
that contains the loopback configuration setting.
2. If you are configuring user settings in the same GPO as computer
settings, then the user and computer accounts will both need READ and APPLY
permissions to the GPO since there are portions of the GPO that are applicable
to both.
Thanks
Webster
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
Carl Stalhood
Sent: Wednesday, July 22, 2015 4:01 PM
To: Thin Freelists
Subject: [THIN] Re: GPO question
With loopback processing and security filtering, did you also add Domain
Computers to the security filter? The XenApp computers need to be able to read
the GPO.
On Wed, Jul 22, 2015 at 2:37 PM, Jason Benway
<benwayj@xxxxxxxxxxx<mailto:benwayj@xxxxxxxxxxx>> wrote:
I have our standard GPO for XA (desktops and apps) set with loopback
processing. I’m trying to add another GPO that runs a script, I want it to only
run for an AD group of users, so it’s a separate GPO with security filtering
for that group. But it’s not applying when the users log in. Gpresult shows the
GPO as Inaccessible, if I change the security filer back to authenticated
users, it works but runs for everyone.
It’s got to be something easy but I just can’t figure it out. What am I missing?
Thanks,jb
