How to Apply Computer Configuration Group Policy to a Remote Desk server based on user security group

windows-server-2008 active-directory group-policy remote-desktop
6,379

You can't filter Computer Configuration settings in a GPO based on a security group that contains users as members. Computer Configuration settings apply to computers, User Configuration settings apply to users, and never the twain shall meet.

The reason it works for Authenticated Users is because all computer accounts are members of Authenticated Users.

Share:
6,379

Related videos on Youtube

Kilmore
Author by

Kilmore

Updated on September 18, 2022

Comments

  • Kilmore
    Kilmore over 1 year

    We are trying to figure out how to have a computer policy apply for only users in a specific security group. Essentially we have a group of users where we want to lock down things like server manager and powershell, but other users should have access to them on this remote desktop server. The RDP server is in its own OU with the group policy applied. In the group policy we updated the scope to only include the security group of the users we want the computer policy applied to. We also ensured under the delegation tab that authorized users had read access to the group policy.

    When we run the group policy modeling wizard group policy is not applied because of security filtering. If we remove the security filtering and just have authenticated users, the group policy is applied ... for all users as you would expect.

    Thanks in advance for your help!

    Dan

    Other Details Windows 2008 R2 Domain and Windows 2012 R2 RDP Server

    • yagmoth555
      yagmoth555 about 7 years
      Can I ask what setting you set ? as usually you can block/allow user with user configuration setting
  • joeqwerty
    joeqwerty about 7 years
    Loopback policy processing allows you to apply different User Configuration settings based on the computer that the user is logging onto. It does not allow you to apply different Computer Configuration settings based on the user that is logging in.
  • yagmoth555
    yagmoth555 about 7 years
    @joeqwerty ah, my bad, badly read the Q. I will keep my answer as a addition to yours then
  • joeqwerty
    joeqwerty about 7 years
    It took me a minute to grasp the question too. As always, you're top-notch!

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Domain User can RDP into Domain Controller?
Remove delete permission for active directory group in Microsoft 2008 Server R2
Limit folder size on Windows Server 2008
Group Policy Objects stopped applying to most security groups
Apply Registry or ADM to Group Policy for Login to Specific Servers
processing of Group Policy failed only on 2008 Servers and Name Resolution failure on the current domain controller
Installing Terminal Server (Remote Desktop Services) on a Domain Controller (Active Directory)
GPO Printer Deployment Ordering greyed out
Group Policy Wallpaper Setting for users is only applied for the first time
Active Directory GPO for Password Policy Not Applying from Default Domain Policy