Use a GPO to give read-access to local file system on multiple servers
Posted on 2006-06-01
We have hundreds of servers in our environment and I want to give certain support personnel read only access to the C:\ and D:\ volumes. I want to create a local group on servers that need this named 'ProductionSupport' and insert domain accounts into this group. This way if I need to give developers read access to a new server all I need to do is create a local ProductionSupport group and add members to the group. My question is how do I setup my GPO?
When I go into Group Policy Management from my workstation, memberserver or domain controller for that matter and navigate to:Computer Configuration\Windows Settings\Security Settings\File System and click Add File, I am only able to add domain groups.
Is there a way to add the 'ProductionSupport' group so it is exists locally on any server in the domain the GPO will grant members of this local group read access to the local file systems?