shootanz
asked on
Getting GP to work in an OU
Hi
I've been asked to setup win 2003 standard server for our local school. I've installed it on a new computer with roaming profiles. Having several small problems as I dont know anything about roaming profiles but trying to learn fast. One of these problems is that I cant seem to get GP to work in OU. I have setup different OU's, ie teachers, students etc. The users are inside these OU's. When I right click on an OU and got to properties then GP tab and edit the policy, and in User Configuration / Administrator template I can set the students to not see the run command but it is still available to them. I've tried rebooting the server and local machines to no avail. Also ran gpupdate on local machine. Local machines are running WinXP.
I've been asked to setup win 2003 standard server for our local school. I've installed it on a new computer with roaming profiles. Having several small problems as I dont know anything about roaming profiles but trying to learn fast. One of these problems is that I cant seem to get GP to work in OU. I have setup different OU's, ie teachers, students etc. The users are inside these OU's. When I right click on an OU and got to properties then GP tab and edit the policy, and in User Configuration / Administrator template I can set the students to not see the run command but it is still available to them. I've tried rebooting the server and local machines to no avail. Also ran gpupdate on local machine. Local machines are running WinXP.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you apply group policies to OU's not groups, groups are used for the security filtering side which you dont need to worry about whilst just learning.......
the GPMC is a great tool when your more advanced but the linking side of things will just be confusing at the moment - there is realistically not much need for GPMC ESPECIALLY when you are learning
the GPMC is a great tool when your more advanced but the linking side of things will just be confusing at the moment - there is realistically not much need for GPMC ESPECIALLY when you are learning
ASKER
Thanks to everyone for your help. I've got it sorted now, well I think I have. It is working although I haven't done anything in security filering. Especial thanks to rutten-d for the link to gpmc as I used it and found that it is better to understand and impliment. Also thanks to bilbus for his indepth answer. I found this link that was easy to follow and set up the link between GPO and OU. http://www.learnthat.com/certification/learn.asp?id=424&index=7
Now onto the next problem, I hope you can help again so quickly...it was much appreciated.
Now onto the next problem, I hope you can help again so quickly...it was much appreciated.
well then i take it back about GPMC, i would have though basic GP was easier to start with but hey
cheers to you both
cheers to you both
i will advice not using the GPMC until you understand GPO - its an add on which you can optimise when you understand it a little more
if you have made your settings and your user resides inside the ou, from the client machine start - run - cmd gpupdate /force see if that helps
run gpresult on a client machine and see if it is seeing the policy