If I follow your scenario, then it is entirely possible to get user group policy from a Win2k device within an NT 4 domain. I can't think of any good way to prevent them from getting that policy, other than using user or user group-based security filtering on that GPO to prevent these users from processing the policy. That assumes, of course, that you know reliably which users are logging into that TS and can neatly exclude them.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Baudino Sent: Wednesday, March 03, 2004 4:19 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Active Directory users and Terminal Server in NT4.0 domain All, We appear to be having an issue with users in an Active Directory domain who need to get to applications on Windows 2000 Terminal Server in an NT4.0 domain that trusts the Active Directory domain. It appears that the group policy for the users is trying to get applied and it's affecting the Terminal Server. I didn't think this could even happen. Does this make sense? What can we do to prevent it? Thanks, Mike ******************* PLEASE NOTE ******************* This E-Mail/telefax message and any documents accompanying this transmission may contain privileged and/or confidential information and is intended solely for the addressee(s) named above. If you are not the intended addressee/recipient, you are hereby notified that any use of, disclosure, copying, distribution, or reliance on the contents of this E-Mail/telefax information is strictly prohibited and may result in legal action against you. Please reply to the sender advising of the error in transmission and immediately delete/destroy the message and any accompanying documents. Thank you. List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
