?
Solved

XP users of Windows 2000

Posted on 2003-02-25
4
Medium Priority
?
165 Views
Last Modified: 2010-04-13
I have a W2K server + a few XP rrofessional clients.
I have imported the adm templates into W2K for use in group policies.
I created a simple policy that changes screen colour and disables control panel for a certain user.
When the user logs in the policy does not work. Why??
0
Comment
Question by:grunseit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 6

Expert Comment

by:night_monkey
ID: 8024227
have you put that user account into an ou and applied your policy to the ou?
0
 

Expert Comment

by:Samuria
ID: 8045149
This is a quirk in 2k In the policies you have 3 option remove control panel, show only specified applets or hide applets.

One of them doesnt work and its not alway the same one. I dont know what country you are in but it may be law that you have to allow users to change screen size.

Allow the control panel and hide the applets if that doesnt work for you use the other one show only some. This way it will work. As the other user suggested create a OU and add the users to a group and to the ou and apply the policy to the ou. If it still doesnt work you may be inherting polices there is a check box to disable that on the policy.
0
 
LVL 6

Expert Comment

by:night_monkey
ID: 8045248
samuria, your first suggestion may be true (i'm not certain about that one), but actually, you can't apply group policy to groups. i know it's that you should be able to, but "group" policy doesn't work in that way. it has to be applied to ous that have specific user or computer accounts, ad sites, or to the whole domain.

the only way to get around this is to play with the security settings.  for example, if the admin has an ou with a bunch of user accounts and he only wants it to be applied to one specific user without having to move that user account to another ou, the admin has to go to the security settings for the policy and choose "deny" for all of the users or groups that he doesn't want the policy for the intended user account to apply to. or he can remove the read or appy settings.

i could be wrong, but i'm pretty certain this is the case, because i had to research this subject for a problem i was having on my network very recently.

from serverwatch.com:

"Strangely enough, you cannot link Group Policies to Win2000 groups (a bit of misnomer). You might think of trying placing groups into OUs in order to bypass this limitation, but unfortunately this will not help either. Groups placed in OU are not affected by processing of group policies (only users and computers). However, you can apply GPOs to groups based on the DACLs (Discretionary Access Control List entries) assigned to groups (or other Win2000 security principals, such as computers or users) using Security tab of GPO's properties. This is done by checking Allow column for Read and Apply Group Policy permissions for groups you want to have GPO applied to."

this is essentially what i just explained, but i added it here so that you guys could see it from a different source.

-nm
0
 
LVL 5

Accepted Solution

by:
cempasha earned 300 total points
ID: 8604981
This question is still open and getting old. If any of the comment(s) above helped you please accept it as an answer or split the points who ever helped you in this question. Your attention in finalising this question is very much appreciated. Thanks in advance,

****** PLEASE DO NOT ACCEPT THIS AS AN ANSWER ********

- If you would like to close this question and have your points refunded, please post a question in community support area on http://www.experts-exchange.com/Community_Support/ giving the address of this question. Thank you      

Pasha

Cleanup Volunteer


0

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question