12-20-2017, 05:19 AM
Hi,
I have an GP on an OU that contains my terminal servers. The GP specifies the path for roaming profile to be used when accessing the terminal server.
I have the "Apply Policy" security setting for Domain Admins set to deny per KB816100 How To Prevent Domain Group Policies from Applying to Administrator (Windows Server 2003).
However, when I log in as Domain Administrator a roaming profile is used.
I used RSOP to look at the setting for the romaing profile path and it says it is being set by the GP on the terminal servers OU.
Can anyone explain why the Deny isn't working?
Please help.
Thanks!
I didn't find the right solution from the Internet.
References:
https://social.technet.microsoft.com/For...inserverGP
Minimalist Animation
I have an GP on an OU that contains my terminal servers. The GP specifies the path for roaming profile to be used when accessing the terminal server.
I have the "Apply Policy" security setting for Domain Admins set to deny per KB816100 How To Prevent Domain Group Policies from Applying to Administrator (Windows Server 2003).
However, when I log in as Domain Administrator a roaming profile is used.
I used RSOP to look at the setting for the romaing profile path and it says it is being set by the GP on the terminal servers OU.
Can anyone explain why the Deny isn't working?
Please help.
Thanks!
I didn't find the right solution from the Internet.
References:
https://social.technet.microsoft.com/For...inserverGP
Minimalist Animation