Allows user-based policy processing, roaming user profiles, and user object logon scripts for interactive logons across forests. This setting affects all user accounts that interactively log on to a computer in a different forest when a trust across forests or a two-way forest trust exists. When this setting is not configured: - No user-based policy settings are applied from the user's forest - Users do not receive their roaming profiles; they receive a local profile on the computer from the local forest. A warning message appears to the user, and an event log message (1529) is posted. - Loopback Group Policy processing is applied, using the Group Policy objects (GPOs) that are scoped to the computer. - An event log message (1109) is posted, stating that loopback was invoked in Replace mode. When this setting is enabled, the behavior is exactly the same as in Windows 2000: user policy is applied, and a roaming user profile is allowed from the trusted forest. When this setting is disabled, the behavior is the same as if it is not configured. Fix: (1) GPO: Computer Configuration\Administrative Templates\System\Group Policy!Allow Cross-Forest User Policy and Roaming User Profiles (2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System!AllowX-ForestPolicy-and-RUP