Loopback Processing with Security Groups (No separate OU)

  • Thread starter Thread starter addagatla.srinivas
  • Start date Start date
A

addagatla.srinivas

Hi,

I have Terminal Servers in different OUs which are maintained as per
the site( say Newyork, Italy etc) and I would like to set few
Computer/User restrictions on these servers located in Newyork OU only
for now.

I do not want to create any separate OU but would like to get my work
done with security groups which has my Terminal Servers as members.
Will it work if i do as below,

* Create a GPO
* Apply Terminal Servers security group to GPO
* Link it to NewYork OU

If above is possible then it really helps me to configure restrictions
only for Terminal Servers excluding rest of the servers in NewYork OU
without disturbing our current OU struct. For testing i did below

a) I created a GPO, configured all computer and user restrictions,
linked that GPO to Separate OU which has only 1 server ( Terminal
Server) and filtered the GPO to authenticated users and i could see
that both computer and user restrictions got applied this way

b) Now removed the Authenticated Users and just added the server alone
to the GPO and tried but this time only computer settings got applied
but not users setting

Could someone help me to know how to get the work around for my
problem.

Thanks in Advance.
 
Howdie!

I have Terminal Servers in different OUs which are maintained as per
the site( say Newyork, Italy etc) and I would like to set few
Computer/User restrictions on these servers located in Newyork OU only
for now.
I do not want to create any separate OU but would like to get my work
done with security groups which has my Terminal Servers as members.
Will it work if i do as below,
* Create a GPO
* Apply Terminal Servers security group to GPO
* Link it to NewYork OU
Click to expand...

As far as I can see this, it will work. But why don't you work with
Group Policies at Sites?
a) I created a GPO, configured all computer and user restrictions,
linked that GPO to Separate OU which has only 1 server ( Terminal
Server) and filtered the GPO to authenticated users and i could see
that both computer and user restrictions got applied this way
OK.

b) Now removed the Authenticated Users and just added the server alone
to the GPO and tried but this time only computer settings got applied
but not users setting
Click to expand...

If you grant "Authenticated Users" only "Read" permissions on the
policy, will it work?

cheers,

Florian
 
Back
Top