Question

Locked

AD Policy doesn't apply correctly !

By sebastien.acteau ·
Hi All !

I'm currently facing a problem when trying to implement an auto-lockout policy trought our domain to lock each computer after a specified time(user configuration/policy). Here's the thing, I don't want this restriction to apply to our terminal server that is not a domain controller...user use the same account to log on the ts so when station locked they have to unlock both session and it's kinda anoying.

We're using Windows Server 2003 Standard Edition for both ts and dc. Does anyone know a way to work this out ?

I did try to put the ts(computer object)in a separate OU and then bind a policy to this OU with the "Block policy inheritance" but that doesn't seem to work... in fact, not a damn policy that I tried to apply at a computer level work. It's like if something we're preventing them to being applied. Any tougts bout this ?

Thank all and pardon my english !

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Sounds like your trying to apply a user policy to a computer

by Nonapeptide In reply to AD Policy doesn't apply c ...

Is the policy you are trying to apply under the "User >> Admin Templates >> Control Panel >> Display" grouping?

Those policies are user configuration policies and won't be able to apply to a computer unless you enable loopback processing on the GPO. Loopback processing makes user configuration settings apply to a computer no matter who logs on to it.

Try enabling loopback processing: http://support.microsoft.com/kb/231287

Post back and let us know how it goes! :)

Collapse -

Good enough for me

by sebastien.acteau In reply to Sounds like your trying t ...

I took a look at the article you've supplied and after a couple of test figured out that it wasn't working at all. At least until I began to use the command "gpupdate" between my tests to refresh the policys on both dc and ts. Finally work this out, ant thank to you guys, everything is working fine now...

Thank for the hand, I just leaved helpfull feedback !

Collapse -

AD Policy doesn't apply correctly !

by me19562 In reply to AD Policy doesn't apply c ...

If the policy you are trying to implement it's to lock the computer when the screen saver runs, that is a user policy just like Nonapeptide said and like Nonapeptide said too you'll need to enable loopback processing in the GPO that you link to the OU where the Terminal Server is.

Collapse -

Also good enough for me

by sebastien.acteau In reply to AD Policy doesn't apply c ...

I took a look at the article you've supplied and after a couple of test figured out that it wasn't working at all. At least until I began to use the command "gpupdate" between my tests to refresh the policys on both dc and ts. Finally work this out, ant thank to you guys, everything is working fine now...

Thank for the hand, I just leaved helpfull feedback !

Back to Networks Forum
5 total posts (Page 1 of 1)  

Hardware Forums