Maybe one of you out there are a GPO expert and can see what I'm doing wrong here.
I have a terminal server setup that I want users to log into and have a very restricted desktop experience. As such I've done the following.
in AD I've created a OU called Terminal Server and moved the server into that OU.
I then created a GPO called Terminal Server Policy, enabled loopback processing, configured all the stuff I want the policy to do, and then linked it to the Terminal Server OU.
I then added the Remote Operators group to security filtering.
In theory this should allow the admin to work the console and login witout policy affecting him yet when a user logs in remotely the policy would lock down the machine for them. But when I do gpresult I'm not seeing the policy being processed. The strange part is that I swear I had it working perfectly on Friday and yet now it's broken. =/
Can you see what I'm overlooking?