Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Creating Group Policy

Posted on 2004-04-27
8
Medium Priority
?
712 Views
Last Modified: 2010-04-13
Need a crash course in setting up a Windows2000 system with an administrator profile that has the system "wide open" for configuring by an Administrator and a profile for the user that locks down everything.  Looking at Microsoft documents just isn't working.  I am thinking I can set up Group Policy and apply the user to a group policy but can't figure it out..  

We are on a Novell Network and have 25 Windows 2000 Computers to roll out to our production floor.  
0
Comment
Question by:Trygve Thayer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 20

Expert Comment

by:What90
ID: 10935068
What are you trying to lock down?
A GPO has over 200 settings

If you could describe what you trying to do, then we could point you in the right direction.
0
 
LVL 11

Accepted Solution

by:
adonis1976 earned 2000 total points
ID: 10935185
here are some links that might help

http://www.jsiinc.com/subk/tip5200/rh5237.htm

http://www.oreilly.com/catalog/win2000ads/chapter/ch08.html

How do I distribute Local Group Policy to Windows 2000 clients in a non-Active Directory domain or workgroup?
http://www.jsiinc.com/subh/tip3600/rh3612.htm

Local Group Policy Objects cannot be set on a per-user basis.
http://www.jsiinc.com/sube/tip2300/rh2388.htm

How do I apply local policies to all users, except administrators, on a Windows 2000-based computer that is in a workgroup setting?
http://www.jsiinc.com/subl/tip5600/rh5619.htm

http://www.2000trainers.com/activedirectory/coursesandarticles/jason/70-219-5.html
0
 
LVL 3

Author Comment

by:Trygve Thayer
ID: 10935205
We have user on the manufacturing floor that constantly change the display.....Mess around in control panel, change screen savers, change windows colors, etc.  I am use to policy editor (poledit) on Win95 and Win98.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 20

Expert Comment

by:What90
ID: 10935268
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup topic area:
   Delete/ No Refund

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

What90
EE Cleanup Volunteer
0
 
LVL 20

Expert Comment

by:What90
ID: 10935295
Whoops, ignore that !

Doing too many things at once.....

The links above posted by  adonis1976 will help.

Basically if you can create and OU and put the trouble machine and users in to that OU, then create a GPO to lock down the machine (GPO setting are very straight forward and easier the NT 4 policies) That'll do the trick.
0
 
LVL 3

Author Comment

by:Trygve Thayer
ID: 10945201
I have been working all day and about have it.  This Microsoft stuff is not as simple as it appears.  The link I have been working from was posted by adonis1976.   I was frustrated but finally realized after I logged all users in with the policy I wanted I needed to log off and back on as administrator before moving the backup policy back in place.  I was doing it all in the same session.  I don't understand how this works but am getting somewhere.  How does the system know what profile the Administrator has and what profile the user has.  I assume the users is comming from c:\winnt\system32\group Policy\user\registry.pol but where is the Administrators comming from ?
0
 
LVL 20

Expert Comment

by:What90
ID: 10945257
GPO are pushed from Active directory not policy files!

You apply GPO to containers not users, groups or computers

The Don't apply GPO to the default containers (Computer and Users) but create new one (Factory) and apply the GPO to that.

Then move the users and computers you want the GPO to effect in to th new factory container.

Log out the users in the new factory container and log them back in for the GPO to work.
0
 
LVL 3

Author Comment

by:Trygve Thayer
ID: 10983253
I have been able to take a Windows 2000 stand-alone system and set it up so that when I login as administrator I have full rights.  When I log in as one of the other users they are now locked down so tight they have given up in only one day.  Yea!!!!!    I am awarding  adonis1976  with the points as one of the links gave me the exact information I needed.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
By default Outlook 2016 displays only one time zone in the Calendar. The following article explains how to display two time zones in one calendar view.
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question