Deny the policy to your admin groups. Also Deny any lockdown policies to your admin groups.
Thanks Carl Webster Consultant and Citrix Technology Professional <http://dabcc.com/Webster> http://dabcc.com/Webster From: Rankin, James R [mailto:[email protected]] Subject: Re: Quick Terminal Services Profile question I am sure I tried that, but will revisit. The problem is that unless I log on to the console the TS profile applies. its a pain to say the least Typed frustratingly slowly on my BlackBerryR wireless device _____ From: Miller Bonnie L. <[email protected]> Subject: RE: Quick Terminal Services Profile question I had a similar problem when applying a software restriction policy to our RDS servers while loopback is enabled, trying to keep it from applying to administrators. The trick I'm using is to use a group for your TS/RDS users and then filter the policy to only apply to that group plus the computer accounts of the RDS/TS servers. You probably also have to reboot the server(s) in question after making the change, since you're dealing with a computer-based policy. Not sure if this will work in your scenario (SRPs are user-based policies), but might be worth a try. From: James Rankin [mailto:[email protected]] Subject: Re: Quick Terminal Services Profile question This GPO is certainly annoying! When configured, it kicks in for every user on the terminal server (including admins). Obviously I want regular users to get the mandatory profile and admins to have a standard profile. But as it is a Computer GPO, I can't filter it by groups or users. I can't even use AppSense to deploy it as it can only have conditions determined for the computer object. This seems a bit insane - I can set the TS profile for users, but only on a machine basis? The only thing I can think of to work around is to run a user logon script that runs tsprof to change their profile setting to the mandatory if they are in a certain group. But that seems a little bit backward to me, I was hoping to handle this via a GPO. Am I missing something glaringly obvious here? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
