Control Panel and printers disappeared

Patrick Rouse

2005-03-19 23:09:02 UTC

You stated that you "created a new OU, put the user and 2003 server into it".

The preferred Group Policy Setup for TS is:

1. OU for your Terminal Servers
2. User accounts stay in a different OU
3. GPO created and linked to the TS OU.
4. Loopback processing enabled in the GPO, with the Merge or Replace option
selected.
5. Filter the security on the GPO so it has "Apply policy" for the users
you are trying to control, as well as the TS Computer Objects.
6. Filter the security on the GPO so it has "DENY Apply policy" for the
administrator accounts you will be using to administer these machines.

The reason for keeping the users in a separate OU, is because the loopback
policy processing option tells the policy to apply ONLY when users logon to
the specific computer objects in this OU, i.e. the TS. If you put the user
accouonts in this OU, it'll apply the policy even when they logon to their
normal workstations or laptops (that are domain members)

http://www.workthin.com/tshta.htm

Patrick Rouse
Microsoft MVP - Terminal Server
http://www.workthin.com

Post by Rob S
Hi,
After a day of locking down a 2003 terminal server session using the microsoft
<http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/terminal/trmlckd.mspx>
I'm going a little "policy setting blind" and can't see the wood for the trees
now.
I created a new OU, put the user and 2003 server into it, and have been editing
the Group Policy for that OU. Have selected all the MS suggestions, and all
seemed fine.....
The only thing in my Settings menu is now a Windows Security link, which goes to
the ctrl-alt-del screen. I really want the printers entry back, and also control
panel, but can't seem to get them back. I do have an icon which links to a
printer, and this opens OK.
Any ideas what I can change back to get them back?
thanks in advance
-Rob
robatwork at mail dot com