Solved

Locking Down users with Group Policy

Posted on 2006-06-14
2
566 Views
Last Modified: 2008-01-09
Hi I'm having some problems getting Group Policy to work like I want.

I have 9 users that are using the default User Template from SBS 2003 that I want to lock down.  I created an OU called "Locked Down Users".  I also created a Security Group called "Locked Down Users".  I added all the users that need the extra security into the "Locked Down Users" Group and I added the "LDU" Group to the "LDU" OU.

I also created a Group Policy Object that has the restrictions I want, ie no control panel, no run menu etc.  I set these all up in Administrative Templates of the User Configuration.  I then linked the the GPO to the "LDU" OU, and gave the "LDU" Group Read permissions on the GPO.  The GPO is link enabled and enforced.

Unfortunately I must have missed something as the GPO is not being applied to the users?

Any idea what I'm missing?  Still sort of a newb at Group Policy so be gentle.  ;)
0
Comment
Question by:jb1013
2 Comments
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 16908161
It's probably more of where you put the OU.  It MUST be under \MyBusiness\SBSUsers\Users in order to work... however, there is no need to put them in a separate OU, just use the security group instead.  Then, create a NEW template that is a member of the security group and then apply that new template to the users you want to have in it by using the Change Permissions Wizard.

Then, make sure that your GPO is linked and enabled to that security group.  Finally, run a GPUPDATE /FORCE command on the server.

To see if it's being enforced properly, log into a workstation with a member's account and run a GPRESULT /V command.

Jeff
TechSoEasy

0
 
LVL 1

Author Comment

by:jb1013
ID: 16909441
OK, that's probably it then I think the OU is in the wrong place.  Thanks for the pointers on how to do this correctly.  I'll give it a shot when I'm back over there in a day or so.  I really appreciate your help.
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question