We have a very similar situation. The Citrix MetaFrame boxes are the same OU as other servers. We created two policies for the Citrix settings. One for the machine policies and one for the user policies. We also created two groups, one for the Citrix machines and one for the Citrix users. The machine policy is filtered so that it only applies to the members of the "citric servers" group in that OU. The Citrix user policies are applied via loop back processing and filtered by the "Citrix Users" group so that the user policies are only applied to members of the Citrix Users group when they log onto the meta frame servers (including terminal sessions).
Just don't put your Citrix admins in the Citrix users group and they wont have the policies applied when the log onto the box. Diane -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rogers, James Sent: Tuesday, February 08, 2005 7:38 AM To: [email protected] Subject: [ActiveDir] Citrix GPO Application I'm struggling with an issue that I'd like to get some insight on. I'm building a new Citrix Metaframe XPs machine that I need to apply a group policy to. However, I don't want this policy to affect administrators, only users. Because of the way our AD is structured, I can only apply these settings to the OU with the server, not to the OU's with the users. Is there any way I can tell the GPO to ignore administrative users and only apply to regular users that log in to the machine? -James R. Rogers List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
