Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

member server still acts like terminal server

Status
Not open for further replies.

whatsys

IS-IT--Management
Jul 27, 2009
12
US
I took a 2003 member server and put it in an OU that applies the domain terminal server lockdown policy. Some of the GPOs worked, some didnt. When I removed it and made it a member server again, it still acts like it is in the TS OU. I did a gpupdate from a DC. I logged on as a domain admin, and that had no effect. I logged on as domain\administrator and that gave me access to admin tools, all programs, full control panel, etc but it still wont let go of some of the TS GPOs. A reboot had no effect. What am I missing here?
 
Check the following registry keys to see if the policies are still being applied:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy

HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Group Policy

Also check to see if the settings within the policies may still be applied:

HKEY_CURRENT_USER\Software\Policies

HKEY_Local_Machine\Software\Policies

I think that once you apply some of the lockdown policies they alter the standard settings and have to be specifically undone.

Which policies are still in effect.

 
I cant open regedit for any user except domain\administrator.

In HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Group Policy, there are 18 subkeys, each with a different SID. In the GroupMembership key, there are Group values with full and partial SIDs. Same for HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy, GroupMembership subkey. Otherwise, I dont know what specifics you want me to provide.

When you ask which policies are still in effect, do you mean when you mean specific registry settings, or just by observation of how the server is acting?
 
I backed up the 3 keys before I deleted them.

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft]
I deleted deleted "Microsoft"

[HKEY_CURRENT_USER\Software\Policies\Microsoft]
I deleted deleted "Microsoft"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
I deleted "Policies"

gpupdate /force

No joy.

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top