Hi,
Currently my users use desktops and have user and computer GPOs applied (typical things like logon scripts etc.) at the OU level where they reside e.g. Finance Users, Sales Users etc.
I am planning a Remote Desktop 2012 environment.
I have read the following:
TechNet cc779327
So, my understanding is that I create a new OU for my Remote Desktop Server only (not users), and create a new security Group for my RD Users and a security group for my RD server.
- Remote Desktop Servers OU
* RD User GPO (filter on RD User security Group and RD Computer Security Group)
* RD Computer GPO (filter on RD User security Group and RD Computer Security Group)
I then apply all computer settings to the RD Computer GPO (loopback processing, Windows installer, hide shortcuts etc.).
I then apply all user settings to the RD User GPO (app specific, templates etc.)
- Why not consolidate the two GPOs into one?
- If I set computer settings in the computer GPO, and apply it as above to filter to the RD Server group and RD Users Group will this apply to only users un the RD User Group...or ALL users since I added the server to the filter?
- If a user currently gets a setting in their normal OU e.g. Finance logon script, will they still get it on the Remote Desktop? Or do I need to copy that GPO setting to my new RD User GPO also?
- Am I right to add both RD Server and RD User groups to the filter on both RD User and RD Computer GPOs?
- Loopback processing - merge or replace typically for Remote Desktop?
