We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

content advisors applied to seperate OU's with group policy.

revliss
revliss asked
on
Medium Priority
345 Views
Last Modified: 2010-04-11
win2Kserver with 70 xp pro clients and 400 users (School enviroment)
I am trying to apply different content advisors to several OU's in the same domain to allow different levels of access to users.
I have been trying to apply this through group policy but the same settings are being applied to all  of the domain.
I do not want users to have to supply a password to view sites.
There is a central filtering policy which stops most less tastefull sites but I need to control some users even further without affecting others.
Comment
Watch Question

Where are you applying the Group Policy, specifically?

Author

Commented:
On the OU>user conf.>windows settings>internet explorer maintainance>security>security zones and content.
If i import settings they are the same domain wide. if i modify they change domain wide.
If i do not import settings it all goes pear shaped domain wide.
What i need to know is can i have different settings on diffferent OU'S or am I restricted to one domain level control.
What I'm asking is more specific to where the GPO is linked.

Did you modify the Default Domain Policy?  Or did you create a new policy?  If it's a new one, is it linked to the domain or to specific OUs, or both?
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:
It was a new policy set on a new OU and I then modified the imported content advisor settings.
After it was set all OU's took on the new level of restriction.
I have since tried modifying the different ou policies and domain level policy and eventually got back where I started.
What I need to achieve are no restrictions at domain level to cover most OU's and another policy to totally restrict most sites on one OU.
Would blocking inheritance achieve this???????
Yes.
Let me clarify... there is another way to do this.

Create a new GPO that has no content advisor restrictions, link it to the domain.  Great another GPO that has your content advisor restrictions, link it to an OU.  The OU policy will automatically override the domain policy, because that's the order in which they are applied (Local -> Site -> Domain -> OU, and each one overrides the previous one if there are conflicting settings).  You should not need to block inheritance in this case.

Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.