Paul McCran's

Portfolio

Xendesktop - Locking Down the hosted shared desktop

Xendesktop Active Directory and Group policy settings


1)      The following OU structure would be recommended for the Xendesktop servers:












  •  The Storefront Servers – Should be moved into the Access OU
  •  The Desktop Delivery Controllers – Should be moved into the Control OU
  •  The Hosting servers – Should be configured to be created in the Hosting OU
  •  The Master image – Should be moved to the Master OU.  If you have problems registering this object and moving it, then you can always use this PowerShell command:
Add-Computer -DomainName insertdomainname -Credential domain\admincredentials -OUPath "ou=master,ou=xendesktop,ou=INSERT YOUR PATH,ou=INSERT YOUR AD PATH,DC=INSERT YOUR AD PATH,DC=INSERT YOUR AD PATH"



2)      Group Policy Management console can be used to “Block Inheritance” at the “Xendesktop” OU level












A GPO should be created and linked to the “MASTER” OU, with the following setting applied:





















3)     I have two example policies that are linked to the “Hosting” OU.  One of the GPOs contains the Loopback and Computer Configuration settings, while the other contains the User settings.  You could use one GPO, but I decided to do this to make it easier to fault find or test settings.

Loopback – loopback processing and computer settings
Desktop Lockdown – User settings

An example of the settings to be configured for each GPO can be found in this shared location.  Download and open each file in IE:



You may need to add the GPO Admin Templates for Office 2010.  I have included a zip file containing these templates.  This will make sense when you go to configure the Desktop Lockdown settings.  The zip file is called “Office TempladesGPP.zip”.
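
To check that the layout from steps 1 to 3 is actually in place, a read-only audit can be run from a machine with the ActiveDirectory and GroupPolicy modules. This is an added example, not part of the original post; the domain path `DC=example,DC=com` is a placeholder assumption, and the GPO names are the two example names given above.

```powershell
# Added example: read-only audit of the OU/GPO layout from steps 1-3.
# Needs the ActiveDirectory and GroupPolicy modules (RSAT).
Import-Module ActiveDirectory, GroupPolicy

# Assumption: placeholder DN; replace with the path to your own Xendesktop OU.
$XdOu     = 'OU=Xendesktop,DC=example,DC=com'
$findings = [System.Collections.Generic.List[string]]::new()

# Step 1: the four child OUs exist directly under the Xendesktop OU.
foreach ($name in 'Access', 'Control', 'Hosting', 'Master') {
    $ou = Get-ADOrganizationalUnit -Filter "Name -eq '$name'" -SearchBase $XdOu -SearchScope OneLevel
    if (-not $ou) { $findings.Add("Missing OU: OU=$name,$XdOu") }
}

# Step 2: inheritance is blocked at the Xendesktop OU.
$xd = Get-GPInheritance -Target $XdOu
if (-not $xd.GpoInheritanceBlocked) {
    $findings.Add("Block Inheritance is not set on $XdOu")
}
# Enforced links from higher up ignore Block Inheritance, so list any that still apply.
$xd.InheritedGpoLinks | Where-Object { $_.Target -ne $XdOu } | ForEach-Object {
    $findings.Add("GPO '$($_.DisplayName)' still applies from $($_.Target) (Enforced=$($_.Enforced))")
}

# Step 3: both example GPOs are linked and enabled on the Hosting OU.
$hostingLinks = (Get-GPInheritance -Target "OU=Hosting,$XdOu").GpoLinks
foreach ($gpo in 'Loopback', 'Desktop Lockdown') {
    $link = $hostingLinks | Where-Object DisplayName -eq $gpo
    if (-not $link)             { $findings.Add("GPO '$gpo' is not linked to the Hosting OU") }
    elseif (-not $link.Enabled) { $findings.Add("Link for GPO '$gpo' on the Hosting OU is disabled") }
}

# Loopback mode is stored as UserPolicyMode: 1 = Merge, 2 = Replace.
try {
    $mode = (Get-GPRegistryValue -Name 'Loopback' -ValueName 'UserPolicyMode' -ErrorAction Stop `
             -Key 'HKLM\Software\Policies\Microsoft\Windows\System').Value
    if ($mode -notin 1, 2) { $findings.Add("Unexpected UserPolicyMode value: $mode") }
} catch {
    $findings.Add("Loopback processing is not configured in GPO 'Loopback'")
}

if ($findings.Count) { $findings } else { 'Layout matches steps 1-3.' }
```

Any GPO reported under step 2 is linked above the Xendesktop OU with Enforced set, so it will reach the hosted desktops even though inheritance is blocked.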




