none
prevent GPO from following a user

    Question

  • Windows Server 2008 R2

    i can't seem to recall the term but there is a way for a GPO to not follow a user from being applied when such user RDP to a server.

    the GPO only needs to be applied when a user logs in to a workstation but should not when the user RDPs to a server specially admins where GPO processing upon login will unnecessarily delay urgent maintenance work.

    what is it or how it's done?

    Tuesday, July 26, 2016 5:25 AM

Answers

All replies

  • Hi,

    https://support.microsoft.com/en-us/kb/231287

    You need to use loopback process for RDS server

    • Proposed as answer by RabanserD Tuesday, July 26, 2016 6:52 AM
    • Marked as answer by Jay GuModerator Thursday, July 28, 2016 5:35 AM
    Tuesday, July 26, 2016 5:54 AM
  • Hi,

    the GPO only needs to be applied when a user logs in to a workstation but should not when the user RDPs to a server specially admins where GPO processing upon login will unnecessarily delay urgent maintenance work.

    >>>To clarify, what you want to do is GPO applied to user when the user logon workstation and the GPO will not apply to user when the user logon with RDP.

    As far as I know, there is no built-in way to do this. You may need achieve this by script or third-party tool.

    In addition, logon workstation and logon with RDP the two processes use RDS source with same way. So it makes little sense that configure different GPO for those two processes.

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, July 26, 2016 7:40 AM
    Moderator