I would like to apply a group policy preference setting (to deploy a shared printer) only if a user is connecting to a RDSH server from a non domain-joined client computer. Many of these clients will come in through an RD Gateway Server.
Item-level targeting looks promising, particularly the Terminal Session item's Client Name parameter. But the connecting clients are users' home computers over which I have no control of the names. Further this parameter doesn't include the client's domain, so using "IS NOT mydomain" isn't an option.
How can I apply my GPP setting only when the client computer from which the user is connecting to the RDSH server is not domain-joined?
If your non-domain clients connect from an IP address that is not in your domain network's IP address range, then you can do the following to apply a Group Policy Preference Item to a user's session when he connects from a remote, non-domain workstation.
SELECT * FROM Win32_ComputerSystem WHERE NAME='RDSERVER')On the Group Policy Preference Item to be applied to non-domain remote sessions, enable Item Level Targeting, then:
Provide the complete IP address range of the domain network
Note: You can add the IP Address Range item multiple times to exclude several IP address ranges if the domain network uses multiple, non-contiguous IP subnetworks.