Hi all,
There's a site I manage that has lots of users who log onto an RDS server - some are normal users who have been granted access to mapped drives, internet, programs etc, some users are restricted in what they do - no access to mapped drives etc.
The users who are restricted are in a separate OU to the normal users.
I have a GPO assigned to to the OU that the RDS server is located in - this is the main GPO that manages proxy settings, session time restrictions etc.
However, I am trying to set up a separate GPO for the restricted users, but these users are going to still be logging onto the same server.
I have created a separate GPO and placed it directly into the OU for the restricted users. I have also set 'deny' permission to 'apply group policy' for the original GPO that is with the RDS server. However, the restricted users 'Computer' policies are still
being applied from the GPO in the RDS server OU, and not the one that I have created and placed in their own user OU.
The GPO in the restricted users OU has also been enforced and link enabled, but this does not appear to have helped.
Does anybody have any ideas (that do not involve moving the GPO assigned to the RDS server to the OU that the non-restricted users are situated)?
Thanks in advance.