Using GP to Lock Down 2003 SP1/2

  • Thread starter Thread starter tuned
  • Start date Start date
T

tuned

We have a terminal server farm of roughly 5 servers. We have numerous GP's
that are set up to apply to different groups and also to lock down the
servers. All the policies seem to work fine on our 5 2003 EE servers, all
without SP1 or SP2. We recently added 3 more servers that have SP1, but not
all the policies are applying properly(java applets in trusted websites will
not run with regular user credentials, only admin). If I remove the policy
to lockdown the servers everything works fine. I've been trying to figure
out why it won't work since we've never had any problems with the initial
servers. Are there any settings that SP1 might update that would prevent
GP's from running properly?
 
Did some more testing. Looks like the problem only occurs when the Loopback
feature is enabled on the policy to lock down the servers. The DC's are 2003
(no service packs) which were upgraded from 2000. I'm interested in
installing the 2003 sp1 adm template, just not sure I can do it wthout any
problems on the domain.

"tuned" wrote:

> We have a terminal server farm of roughly 5 servers. We have numerous GP's
> that are set up to apply to different groups and also to lock down the
> servers. All the policies seem to work fine on our 5 2003 EE servers, all
> without SP1 or SP2. We recently added 3 more servers that have SP1, but not
> all the policies are applying properly(java applets in trusted websites will
> not run with regular user credentials, only admin). If I remove the policy
> to lockdown the servers everything works fine. I've been trying to figure
> out why it won't work since we've never had any problems with the initial
> servers. Are there any settings that SP1 might update that would prevent
> GP's from running properly?
 
Back
Top