We use roaming profiles for our Citrix servers (2003 AD and servers) and have used the Deny (Apply) checkbox under Advanced to prevent the Domain Admins from having the policy apply. Since the policy applies to the Terminal Sever under the computer area I can see how the deny may now work as I want to exclue the policy from certain users or groups but the policy is applying to comptuers.

Any suggestions on how to prevent roaming profiles for Administrators on our Citrix/Terminal servers?