Hi there, I run a small office and due to the covid-19 I've setup users to use RDP to work from home. There has been a couple of times where they accidentally shut down the computer requiring me to go to the office to turn them on. I added the GPO to the Default Domain Policy to disable the shutdown/sleep from the start menu. While this has been working fine, ideally I could apply this to only RDP sessions, but I couldn't find any GPO for that. That said, I don't want this being applied to my DC and it is so on the Default Domain Controller Policy, I enabled that GPO thinking it's precedence over the Domain Policy will overwrite it. This didn't work, and the Domain Policy is not enforced. I blocked inheritance on the DC OU yet the Domain Policy is still applying. I don't understand why/how the Domain Policy is applying when it's not inherited or enforced.
I guess I could just create a new policy and put it into the workstation OU and remove the GPO from the Domain policy, I'm just trying to understand why what I did isn't working as I would expect.
PS if anyone has advise on how I can apply the gpo only to rdp sessions, I'd be grateful.
Source link:
https://social.technet.microsoft.com/Forums/en-US/f193a12e-1ad4-4377-b46d-028035c1235b/gpo-inheritance-blocked-but-still-applying?forum=winserverGP