none
Group Policy isnt applying to all members of an OU

    Question

  • Ok so I am working in a server 2012R2 RDS/terminal services environment where we have 3 RDS servers.

    Basically we have created different policies in our different OU's in order to control who can see what within the server.

    We've limited the control panel using group policy so that our uses can only see the devices and printers section.

    The weird issue that we are having in several OU's is that the majority of our users are able to see printers in the control panel as expected - but some users are seeing a message that says this has been restricted (please contact admin etc).

    All of our users in each OU have the same rights as far as permissions and are members of the same security groups.

    We are using WMI filtering etc and I have checked inheritance - RSOP shows that the policies are being applied to the ones who are receiving the message.

    Same issue on all 3 servers for the users who have the fault.

    Any ideas?


    • Edited by Gareth373 Thursday, September 03, 2015 5:58 PM
    Thursday, September 03, 2015 5:57 PM

Answers

  • Can it be a bad profile with old stall settings in it. Did you tested by resetting the profile on all 3 RDS server,and log again ?

    Regards, Philippe

    Don't forget to mark as answer or vote as helpful to help identify good information. ( linkedin endorsement never hurt too :o) )

    Answer an interesting question ? Create a wiki article about it!

    • Marked as answer by Gareth373 Friday, September 04, 2015 10:11 AM
    • Unmarked as answer by Gareth373 Friday, September 04, 2015 10:11 AM
    • Marked as answer by Gareth373 Monday, September 07, 2015 4:59 PM
    Friday, September 04, 2015 12:46 AM

All replies

  • Can it be a bad profile with old stall settings in it. Did you tested by resetting the profile on all 3 RDS server,and log again ?

    Regards, Philippe

    Don't forget to mark as answer or vote as helpful to help identify good information. ( linkedin endorsement never hurt too :o) )

    Answer an interesting question ? Create a wiki article about it!

    • Marked as answer by Gareth373 Friday, September 04, 2015 10:11 AM
    • Unmarked as answer by Gareth373 Friday, September 04, 2015 10:11 AM
    • Marked as answer by Gareth373 Monday, September 07, 2015 4:59 PM
    Friday, September 04, 2015 12:46 AM
  • Hi Gareth,

    Thank for your post.

    Does the error happen only to the three RDS sever?

    Could you please create a new OU for the three Terminal Services server, then create a Group Policy object for the OU.

    If the issue persists, please help me collect if there's the error logs in Event Viewer.

    Here is the article about How to apply Group Policy objects to Terminal Services servers

    https://support.microsoft.com/en-us/kb/260370

    Best Regards,

    Mary Dong


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, September 04, 2015 6:22 AM
    Moderator
  • Hi Philippe,

    Thanks for your reply, I had marked this as the answer originally and then somehow it knocked itself back off again!

    In short, we discovered it was an issue with the user profiles somewhere! After a lot of messing around we just gave up and created new user profiles for the problematic ones and everything is fine again now!

    Many thanks

    Monday, September 07, 2015 5:01 PM
  • My pleasure, glad it have helped !

    Thanks for the feedback :)


    Regards, Philippe

    Don't forget to mark as answer or vote as helpful to help identify good information. ( linkedin endorsement never hurt too :o) )

    Answer an interesting question ? Create a wiki article about it!

    Tuesday, September 08, 2015 2:57 AM