Question

  • Creator
    Topic
  • #2230494

    AD Policy doesn’t apply correctly !

    Locked

    by sebastien.acteau ·

    Hi All !

    I’m currently facing a problem when trying to implement an auto-lockout policy trought our domain to lock each computer after a specified time(user configuration/policy). Here’s the thing, I don’t want this restriction to apply to our terminal server that is not a domain controller…user use the same account to log on the ts so when station locked they have to unlock both session and it’s kinda anoying.

    We’re using Windows Server 2003 Standard Edition for both ts and dc. Does anyone know a way to work this out ?

    I did try to put the ts(computer object)in a separate OU and then bind a policy to this OU with the “Block policy inheritance” but that doesn’t seem to work… in fact, not a damn policy that I tried to apply at a computer level work. It’s like if something we’re preventing them to being applied. Any tougts bout this ?

    Thank all and pardon my english !

All Answers

  • Author
    Replies
    • #2560431

      Clarifications

      by sebastien.acteau ·

      In reply to AD Policy doesn’t apply correctly !

      Clarifications

    • #2560422

      Sounds like your trying to apply a user policy to a computer

      by nonapeptide ·

      In reply to AD Policy doesn’t apply correctly !

      Is the policy you are trying to apply under the “User >> Admin Templates >> Control Panel >> Display” grouping?

      Those policies are user configuration policies and won’t be able to apply to a computer unless you enable loopback processing on the GPO. Loopback processing makes user configuration settings apply to a computer no matter who logs on to it.

      Try enabling loopback processing: http://support.microsoft.com/kb/231287

      Post back and let us know how it goes! 🙂

      • #2560213

        Good enough for me

        by sebastien.acteau ·

        In reply to Sounds like your trying to apply a user policy to a computer

        I took a look at the article you’ve supplied and after a couple of test figured out that it wasn’t working at all. At least until I began to use the command “gpupdate” between my tests to refresh the policys on both dc and ts. Finally work this out, ant thank to you guys, everything is working fine now…

        Thank for the hand, I just leaved helpfull feedback !

    • #2560413

      AD Policy doesn’t apply correctly !

      by me19562 ·

      In reply to AD Policy doesn’t apply correctly !

      If the policy you are trying to implement it’s to lock the computer when the screen saver runs, that is a user policy just like Nonapeptide said and like Nonapeptide said too you’ll need to enable loopback processing in the GPO that you link to the OU where the Terminal Server is.

      • #2560212

        Also good enough for me

        by sebastien.acteau ·

        In reply to AD Policy doesn’t apply correctly !

        I took a look at the article you’ve supplied and after a couple of test figured out that it wasn’t working at all. At least until I began to use the command “gpupdate” between my tests to refresh the policys on both dc and ts. Finally work this out, ant thank to you guys, everything is working fine now…

        Thank for the hand, I just leaved helpfull feedback !

Viewing 2 reply threads