We have users that login to Terminal Service servers. Our environment consists of a Windows AD, with user and computer groups & members.
We use Group Policy to administer most of our client side settings.
In our Active Directory, there exists an OU for Terminal service servers. Within that OU are terminal service servers as members.
Our domain controller(s) are Windows Server 2003, and our Terminal Service servers are Windows Server 2003.
The problem: Internet Explorer Enhanced Security is preventing web-based applications that users logging in to Terminal Services are trying to test.
We have tried several methods to resolve this.
From an administrative login, we disabled Enhanced Security through Add/Remove programs, completely. For both Admins and Power users.
No change to a logged in user - pop ups indicating Enh. Security still working.
We have applied registry keys (example below) per Microsoft recommendations in order for particular sites to be viewed as Trusted instead of Internet, in hopes of less restrictive zone settings.
No change to a logged in user - pop ups indicating Enh. Security still working.
Example: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet Settings\ZoneMap\EscDomains\<domain>.com
"http"=dword:00000001
"https"=dword:00000001

Through an administrative login, We configured the Trusted sites zone settings to "Low security".
Again, no change to a logged in user - pop ups indicating Enh. Security still working.

In Jeremy's 3rd edition, it looks like a possible solution would be the "Group Policy Loopback - Replace Mode for Terminal Services". Can someone please advise on this? Are there other options or things we should be doing? Any feedback will be greatly appreciated. Thank you!