What I want to do is create an additional unique AD field for each user machine, create an RDP/termservice resource and use this additional AD field for the "host:" field in the resource.
Now straight away that doesn't sound right to me, as the AD field is not a DNS value, so the host field will not be able to resolve it. So I'm guessing that there must be another way of mapping a user to their specific machine by way of looking up a unique AD field, which is mapped to their machine only.
Over to you clever people!
What this gives you is single sign-on RDP to an IP pulled out of LDAP.
Just need to have your Windows guys set the IP of the user to a custom LDAP attribute.