Link to home
Start Free TrialLog in
Avatar of rtmcmullen
rtmcmullen

asked on

Group Policy deny or exclude

I have a GPO setup which has close to 100 settings for User node.  I want to apply the same gpo, but minus 2 settings.  What is the most efficient way of doing so.... another GPO with security filtering, or create another OU with the 2 settings exluded... or other ideas are welcome.
SOLUTION
Avatar of LauraEHunterMVP
LauraEHunterMVP
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
agree with above...you are going to get to look after an additional one :) its not so bad with GPMC though.....
Avatar of Ron Malmstead
Create two seperate GPO's applied to the same OU.  Use security filtering to allow/deny the the gpo with the two settings...to whatever user/group you like.

Or you can create a seperate OU, underneath the other, and block inheritance.

Group policy is very granular...several ways to do the same thing.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of rtmcmullen
rtmcmullen

ASKER

Thanks to both LauraEHunterMVP & xuserx2000 for your creative approach.