Hi,
We have a good to go envoirnment with Xen app 6.5. This monday onwards we started reciving lot of calls where in people complaint about "Your interactive login privilege a has been disabled" upon finding i see on AD account properties Deny permission to log on Session Host server option is enabled. Unchecking the option resolves the issue, however, need to find how come this is enabled.
The last activity which we can track is OU movement of these objects and there is no GPO defines this behaviour. I want to enable auditing for such things.