[THIN] Re: Less stupid
- From: "Braebaum, Neil" <Neil.Braebaum@xxxxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 2 Jul 2004 11:01:19 +0100
Well there's computer policy settings (probably HKLM stuff) and user
policy stuff (normally HKCU stuff).
Now for the moment, forget about loopback processing.
Machine / computer section policies apply when the machine comes up, and
it's account within AD, authenticates.
User policies apply when the user logs in, and are for user settings.
The setting you are talking about - from memory - is a computer setting.
Now whilst loopback processing, allows user based policies to be
dependent on the computer (or the computer's AD location - depending on
how you view it...), I'm not sure the reverse applies.
Reading between the lines, that's how I perceive you want to play this -
actually have a machine based setting be dependent on the current user -
and I'm far from convinced that's valid, or will work.
However, I could be wrong - and there may be a user setting that
restricts / allows more than one session - but historically I always
thought it was a machine / connection thing.
Neil
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Nick Smith
> Sent: 02 July 2004 10:38
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Less stupid
>
> OK, same issue as the dumb one, but this is a problem of
> understanding rather than 'blindness'.
>
> I've never really got how GPOs 'merge'.
>
> I have a GPO, applied now to all servers, which states "Only
> on session per user". I want to disable that GPO for one
> user, 'demo' (Who, for convenicence, is also in his own OU,
> and his own security group).
>
> What I've tried;
>
> 1) Put permissions on the Allow_single_session_only GPO for
> the 'demo' security group. I can see this group, I can set
> permissions, I click 'OK' and the group doesn't show up in
> the permissions list.
>
> 2) Create a GPO applied to the 'demo' OU, which specifically
> disable the singel session value. No effect.
>
> I know I'm being stupid, and have a feeling it's something
> to do with loopback, or permissions, but can't get to it.
>
> Any help much appreciated, as we're mean to go public with
> this demo soemtime today!
>
> Nick
***********************************************
This e-mail and its attachments are confidential
and are intended for the above named recipient
only. If this has come to you in error, please
notify the sender immediately and delete this
e-mail from your system.
You must take no action based on this, nor must
you copy or disclose it or any part of its contents
to any person or organisation.
Statements and opinions contained in this email may
not necessarily represent those of Littlewoods.
Please note that e-mail communications may be monitored.
The registered office of Littlewoods Limited and its
subsidiaries is 100 Old Hall Street, Liverpool, L70 1AB.
Registered number of Littlewoods Limited is 262152.
************************************************
********************************************************
This weeks sponsor Emergent Online Thinssentials Utilities
Using the latest software, hardware, networking technologies, proven technical
expertise, proprietary software and best practices, EOL provides
custom-tailored solutions for each client?s mission and specific goals.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
