I created a GPO called "HighRiskUser", it disables access to add/remove, cmd prompt, etc....
TempUser (fictitious) is a member of GrpHighRisk AND IS ALSO IN OU OuHighRisk. But when TEMPUSER loggs in XP client, NOTHING HAPPENS?
The following sites, domains, and OUs are linked to this GPO:
The settings in this GPO can only apply to the following groups: