Group policy for Terminal services

[Rob]

Hi

I am trying to apply a group policy for terminal service
users but only want the policy to apply to them when they
are accessing a server through terminal services.

I have created a security group called terminal and added
a user. i have then created a new group policy and linked
it to the domain. I have set the permissions so it only
applies to the terminal group. The problem i am having is
that the policy applies even when the user is not using
terminal services and is just logged on to a client
machine. I only want the policy to apply when using TS

Any help would be appreciated.

Thanks in advance

 

[\Richard McCall [MSFT]\]

It is better to link the Policy to an OU that only applies to the Terminal
Servers and enable loopback processing. Then on the permissions restrict how
applies it.

260370 How to Apply Group Policy Objects to Terminal Services Servers
http://support.microsoft.com/?id=260370

 

[Tim]

I have tried this but the domain admins are restricted.
If I loginto the terminalserver as the local
administrator the group policy doesnot apply.
What are we doing wrong???

Thanks

 

[Chriss3]

Put the TS Server in a OU, Define a Policy for that OU, define settings at
Computer Configuration Level. Edit the Security Permissions for the Policy
Object, and Deny Administrators, Domain Admins or what ever you prefer the
right Apply Policy



--
Regards,

Christoffer Andersson
No email replies please - reply in the newsgroup

http://www.itsystem.se/employers.asp?ID=1

 

[Guest]

I have the users in a group and the servers in a ou. The
restrictions apply to all who log in to the terminal
servers except admins. But I have 4 users that still have
full access to the server. The permissions on the OU
allow only my user group and system. If these users logon
to server 1 the restrictions apply. If the hit server 2
they do not. I am really confused.

Thanks for your help

Tim