Group Policies

I have set group policies for all computers within my domain, on my domain controller in active directory.  I now want to take away group policies for one of the PCs.  What is the best way for me to eliminate group policies on a PC that is getting it from the server/domain controller?
Reason is that I set one of the group polices to hide the C: drive on all the PCs.  The problem is that one of our PCs, I have loaded software on it locally.  In order for those users to use the program(locally installed), they will need access to the C: drive.
I tried to share the C: drive(under current policies), tried to create a shortcut(didnt work), and so on.  I cannot load it on the Server, because it is a program that doesnt have the capabillities to map a drive to it.(I dont know why).

Any suggestions great wizards of the IT World?!?!

cjjimbosAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jose_ramirezCommented:
You just have to remove the PC account from the Organizational Unit you´ve added to, and remove User also...
And that´s it.. If you want to add all other policies only for this PC, you need to add it to another Organizational Unit and put restrictions to it...
Hope this helps!
Jose
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
col_forbin13Commented:
Yeah, what we have done here is create OU's Called "C: drive access" that changes the hiding of the C: drive.  You may also just be able to give the users (write) access to the program directory and create a shortcut on the All Users desktop to the app.
0
lyle-grangerCommented:
I would create a new OU (Organizational Unit) and move the computer that needs access to that OU.  This will remove any group policies associated with that computer.  If you need any other policies attached you will have to re-add them.  

I do not recommend linking policies as it can be hard to manage or track.  

I would also recommend creating OU's for each department, this will allow you to apply policies with different levels of access and make it easier to manage AD.

If you have any other questions please post.

Good luck & I hope this helps.

Lyle
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

BeldoranCommented:
A quick fix may be to go to the security tab in the policy that you want to remove from a particular PC.
Add that PC and click Deny. That machine then will not get that policy.

This can be used where you have applied policy to 'domain computers' and need to remove one in particular.

Beware, Deny permissions can be dangerous if used too much, as they will take precedence over all else.

Good luck
0
tonyteriCommented:
Simple:

Move the computer to a new ou, that is not affected by the GPO.  

0
BeldoranCommented:
If cjjimbos has a 'simple' domain sturcture, eg computers in the computers container and group policy at the root, then moving to a new ou will not help. In an ideal world I would also (like many other above) recomend restructuring the domain structure to allow what you wish, but often this is beyond your ability to do (either due to lack of knowledge or lack of 'political'/'IT' power - eg THEY won't let you)

If the latter is the case, then Deny is one option and removing the machine from the domain is the only other option.

Bel

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.