Solved

2003 GPOs

Posted on 2004-08-18
3
258 Views
Last Modified: 2010-03-18
Hi all
Running a 2003 domain with OUs as sites.

Applied GPO onto OU with lockdown settings of hard drive, control panel, cd rom etc for all standard users.

Need to be able to have a group or something whereas I can unrestrict a/some users from using for example the control panel.

Is there any easy way to set up a group of users for control panel access to be enabled in the OU which will override the GPO, just for the selected users in the group?

I have seen this done before, but I cannot remeber how it was done.

Any help would be appreaciated please?

Regards
Chillinlong





0
Comment
Question by:chillinlong
3 Comments
 
LVL 10

Expert Comment

by:jhautani
ID: 11829585
Add the group to GPO's security and set its apply permission to Deny.

hope this helps
0
 
LVL 1

Author Comment

by:chillinlong
ID: 11829704
Thanks for your response, I have considered this but then this would deny all the GPO settings.

I just want to have a group that enables the CD-rom for example?

Unless I create a specific GPO for every group I intend to have. Which I dont really want to do, unless I must.
0
 
LVL 83

Accepted Solution

by:
oBdA earned 250 total points
ID: 11830529
You will need different GPOs for each setting that you want to set for different users.
The best approach:
Create, to stay with your example, three GPOs: LockHD, LockCP, LockCD. Configure the restrictions accordingly. Create three global groups, for example GPolLockHD, GPolLockCP, GPolLockCD. Make your users members of the appropriate groups. Change the security settings on each GPOs: Remove the default "Authenticated Users" from "Apply" and "Read" permissions. Instead, add the matching global group with Read and Apply permissions.
Now depending on the groups the user is in, different (or all) settings will be locked. Users which are in no "Lock" group will have no restrictions.
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
Resolve DNS query failed errors for Exchange
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now