Loopback not working

[PreviousPoster]

Hello, I just joined and I'm having a problem with a group policy for my terminal servers. My servers are Windows 2000 servers in an active directory domain.

As it is I have my users in one OU and then my servers in another OU broken out by OS (server 2k, server 2k3) and then in the server2k OU I have another OU labeled TS Machines. Then I have my workstations in another OU.

The OU for my users has 3 policies applying to my users.
The OU for my workstations has 1 policy applying to my workstations.
The OU for my TS Machines is supposed to have one loopback policy applying to it so that none of the policies in my user OU apply to them on the TS machines.

What's happening is that all 3 of the policies my users get signing on to their workstations also applies to the TS box.

Can anyone help?

Thanks in advance

[JerryC]

Loopback has two modes:

Replace mode: Ignore all user GPO settings along the path to the user account in AD
Merge mode: Apply all user GPO settings along the path to the user account in AD.

Are you using Merge or Replace... (sounds like merge mode)?

====================================

For User (in the More User Accounts OU) + WTS Device where GPO-3 uses Loopback and Merge mode, the GPOs that apply are:
Machine GPOs: DDP + GPO-2 + GPO-3
User GPOs: DDP + GP0-1 + DDP + GPO-3 (Yes - DDP is repeated because it has user settings, No - On GPO-2 since there are no user settings in it)

For User (in the More User Accounts OU) + WTS Device where GPO-3 uses Loopback and Replace mode, the GPOs that apply are:
Machine GPOs: DDP + GPO-2 + GPO-3
User GPOs: DDP + GPO-3

[code:1]
Active Directory GPOs
============================ ==========================================
Domain DDP (User + Machine Settings)
+--Accounts OU
| +--User Accounts OU
| +--More User Accounts OU GPO-1 (User Settings)
|
+--Servers OU GPO-2 (Server Machine Settings)
| +--File Server OU
| +--SQL Server OU
| +--WTS Servers OU GPO-3 (Loopback + Machine + User Settings)
|
+--Workstations OU GPO-4 (Workstation Machine Settings)
+--Laptops OU
+--Desktop OU
+--Lockdown OU GPO-5 (Loopback)

================================================== =======================
[/code]

[PreviousPoster]

Actually I was using replace. The problem was that permissions weren't set up properly for my folder redirection for the TS sessions, so then they would fail. This would was making me think that the policy wasn't applying properly...that and even though in my policy loopback was enabled, when I was testing the policy I didn't know I had to tell the wizard that loopback was enabled so it would mimic those settings.

Rookie mistake. Sorry for wasting time.

[JerryC]

No waste of time at all... many others read these forum messages and so it helps them as well.