If memory serves me right then this is expected behaviour. http://support.microsoft.com/kb/953768 says vista and onwards but I remember the same thing applying for 2003.
-Anders On Fri, Apr 13, 2012 at 11:11 AM, James Rankin <[email protected]>wrote: > I have a GPO with user settings that I am applying to an OU with Terminal > Servers in it (Loopback Policy Processing is configured in another GPO on > the same OU). I also want to apply a security filter to the user settings > OU so that only a certain AD group are subject to it. However, whenever I > change the security filter from Authenticated Users, the GPO does not apply > even though the user is a member of the AD group in the security filter. > The only way I can get it to work is by adding the computer accounts for > the Terminal Servers to the security filter, which has me baffled because > these are user settings and shouldn't be applied to the computer accounts, > should they? I could be utterly wrong but I have checked GPOs I used in > other, similar environments and I never had to add computer accounts > specifically to a security filter for a user settings GPO to work. > > Can anyone confirm if this is expected behaviour or not? > > TIA, > > > > JRR > > -- > http://appsensebigot.blogspot.co.uk > > IMPORTANT INFORMATION/DISCLAIMER > > I certainly don't have time to monitor the content of e-mail sent and > received via this account for the purposes of ensuring compliance with > anyone's policies and procedures. I am pretty sure that somewhere in UK > legislation there is some politically-correct drivel that stipulates I must > never send or store e-mails or attachments that are obscene, indecent, > sexist, racist, defamatory, abusive, in breach of copyright, encrypted, > amusing, overly long, slightly opinionated, anonymous, likely to harm > animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent > minority (such as extraterrestrial eggplants). Emails of this nature sent > in or out of this account may be intercepted and stopped by the system, but > it's a long shot. This being the UK, even if I was prosecuted for breach of > said email guidelines, I'd probably walk with a suspended sentence anyway, > but if I'd forgotten to pay my car insurance, I'd most certainly be hung, > drawn and quartered. > > I am not responsible for any changes made to the message after it has been > sent, in more or less the same way that cyclozine manufacturers aren't > responsible for drug addicts mixing it with methadone and overdosing, so > I'm glad I cleared the confusion up there nice and early. Where opinions > are expressed, they are not necessarily mine. However, I don't make a habit > of expressing other people's opinions for them, so you shouldn't take that > statement as an indication that I am in the business of providing an > opinion-expressing service. In the event that I did, this discourse would > provide no guarantee that I would do it anyway, but I don't, so I won't. > > This e-mail and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they are > addressed. If you are not the intended addressee, or the person responsible > for delivering it to them, aside from the fact that you've clearly got some > level of unauthorised access to their account or are at least engaged in > some sort of fraud, I'm obliged to tell you that may not copy, forward > disclose or otherwise use it or any part of it in any way. To do so may be > unlawful, and as you're already breaking the law, I am sure that bombshell > makes you quake in your boots and turn yourself over to law enforcement > immediately. If you receive this e-mail by mistake, please advise the > sender immediately. That would be me, and as I am clearly prone to sending > emails to completely the wrong person, I should instantly be stripped of my > status as a technical consultant and sent to do something more becoming of > my stupidity, such as appearing on Big Brother, the X Factor or "insert > country name here"'s Got Talent. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
