• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 268
  • Last Modified:

How do I set up GPO for specific users.

Hello all,

I am looking for some help in setting up my first GPO. I have three users who I want to have remote access (already setup and licensed the TS) and when they login they will see only the start button (to log off) and the program they are going to use.

I have installed the GPO mmc and can see all the choices (ALOT of choices...lol) and I would like help simplifying my needs.

Do I create a new OU and create the users under that? Then link the GPO to that?

I have one additional problem. Something I am missing. I add the user to the Remote Desktop Users group and take them out of the administrators group and can't remote in. I have tried this with all users. It’s has to be a setting I am missing.

0
mburke3434
Asked:
mburke3434
  • 3
  • 2
1 Solution
 
Chris GralikeSpecialistCommented:
Create a "group" inside a new OU and place your policy on that OU.

>> MYcorp.local
          >> OU : Employees    || Corperate GPO settings
                      >  UserObject
                      >  UserObject
          >> OU : Special GPO  || Additional GPO settings
                       >>  GroupObj
                                   > User membership...


regards,
0
 
mburke3434Author Commented:
Thanks for the speedy reply....

I have start menu only but the programs  > accessories
                                                               internet explorer
                                                               outlook express
                                                               remote assistant

 still show up.

Also, how do I add only one specific program to the start menu?
0
 
Chris GralikeSpecialistCommented:
i thought it to be a registry enty, also a mendantory profile for these users might be a sollution :)

http://support.microsoft.com/kb/323368

regards,
0
 
Chris GralikeSpecialistCommented:
err sorry on that

c:\documents and settings\%username%\start menu\programs\etc...
0
 
mburke3434Author Commented:
I got it worked out this way.

*** New OU
*** New GPO for that OU
*** Denied everything on Start Menu and Desktop
*** Allowed logoff
*** Placed shortcut to program in Desktop Folder (as admin of course)
*** Deleted Programs folders in start menu in Docs \ Settings.
*** User cannot chage password.

It worked out leaving access only to that program and logoff and no access (or even view) to anything else.

Your were a very big help...Thank you again.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now