+ Post New Thread
Results 1 to 3 of 3
Windows Server 2008 R2 Thread, Cross Domain Group Policy - Remote Desktop Session Host in Technical; Hope someone can help. I am having massive trouble with Group Policy over our system. What we have is two ...
  1. #1
    jdell's Avatar
    Join Date
    Mar 2012
    Location
    Swindon
    Posts
    90
    Thank Post
    5
    Thanked 4 Times in 3 Posts
    Rep Power
    5

    Exclamation Cross Domain Group Policy - Remote Desktop Session Host

    Hope someone can help.

    I am having massive trouble with Group Policy over our system. What we have is two domains one (domain a) with the users on with 4 DC's all with replication working and all the "fat" clients and a second (domain b) with all the Remote Desktop Session Host on with there own DC.

    We have a cross domain trust from Domain A to Domain B - Which is Transitive, Two way and Forest wide Authenticated. This works as you can get to files from one to the other and log on from one to the other etc which is prefect.

    However here comes the issues. The GPO's are not being loaded properly, so the user GPO's from Domain A - and the Computer GPO's from Domain B which should be applied to the Remote Desktop Session Host's when the user log on and just not coming in meaning the students can see all the server settings and change what they like.

    We are desperate to resolve this issue but I cannot see why the GPO's are not coming across and do not know where to start really. I have run rsop.msc and the result shows that the GPO on domain B call "Terminal Servers" is being applied but the rules dont work so what the heck is going on I have no ideas.

    Any ideas would be much appreciated.

    Thanks

  2. #2

    Join Date
    Dec 2009
    Posts
    252
    Thank Post
    5
    Thanked 28 Times in 26 Posts
    Rep Power
    14
    To accomplish this we actually set the user part settings for the Sessions host in the domain of the Session Host. We went very granular in having a seperate policy of user part and computer part. Apply both policies to the Same OU. In the user party policy configure 1 computer part setting which turns loopback processing on (either merge or replace) Then configure the users settings you want in this policy.

    I can think of no technical reason why you'd need 2 policies, so feel free to just have 1 policy that configures the computer and user parts (just make sure loopback is configured).

    Then for the scope of the policy we have a universal group, which contains a global group from the user domain, containing the users the settings should apply to when logging onto that particular Session Host.

    This means we can have different user part settings for every Session Host if we so wish.

    Hope that makes sense - was a nightmare to setup, but fairly quick process for us to follow to create a new Session Host now. - Just to note splitting the Session Hosts into another domain would not be my preferred approach, it was one of those "make this work" scenarios

  3. Thanks to Firefox from:

    jdell (23rd October 2012)

  4. #3
    jdell's Avatar
    Join Date
    Mar 2012
    Location
    Swindon
    Posts
    90
    Thank Post
    5
    Thanked 4 Times in 3 Posts
    Rep Power
    5
    Thank you,

    I will look at this now.

    I agree spilitting our Domain in 2 was not the best idea but we had to due to the 2003 DC /2008 RDSH issue.

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 3
    Last Post: 29th June 2012, 01:22 PM
  2. killing remote desktop sessions?
    By salan in forum Windows
    Replies: 9
    Last Post: 23rd April 2012, 08:25 AM
  3. Domain Group Policy Questions
    By M0MST in forum Windows Server 2008
    Replies: 4
    Last Post: 4th November 2010, 10:02 AM
  4. Cross Domain Group Policy issue
    By Stuart_C in forum Windows Server 2000/2003
    Replies: 5
    Last Post: 23rd January 2010, 11:48 AM
  5. Cross domain group policy processing
    By adamf in forum Windows Server 2000/2003
    Replies: 13
    Last Post: 10th December 2009, 11:26 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •