Solved

Group Policy deny or exclude

Posted on 2007-03-26
5
2,880 Views
Last Modified: 2008-02-01
I have a GPO setup which has close to 100 settings for User node.  I want to apply the same gpo, but minus 2 settings.  What is the most efficient way of doing so.... another GPO with security filtering, or create another OU with the 2 settings exluded... or other ideas are welcome.
0
Comment
Question by:rtmcmullen
5 Comments
 
LVL 30

Assisted Solution

by:LauraEHunterMVP
LauraEHunterMVP earned 50 total points
ID: 18797472
Unfortunately you can't deny the application of GPOs at the per-setting level (though if wishing could make it so...), you can only do so for an entire Group Policy Object.

To do what you're describing, you'll need to copy the existing GPO to a new GPO, make the changes you want to the new GPO and then maintain the two separate GPOs separately.  :-(

(I wish I had better news for you.)

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18797540
agree with above...you are going to get to look after an additional one :) its not so bad with GPMC though.....
0
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 18801050
Create two seperate GPO's applied to the same OU.  Use security filtering to allow/deny the the gpo with the two settings...to whatever user/group you like.

Or you can create a seperate OU, underneath the other, and block inheritance.

Group policy is very granular...several ways to do the same thing.
0
 
LVL 25

Accepted Solution

by:
Ron Malmstead earned 75 total points
ID: 18801053
Create two seperate GPO's applied to the same OU.  Use security filtering to allow/deny the the gpo with the two settings...to whatever user/group you like.

Or you can create a seperate OU, underneath the other, and block inheritance.

Group policy is very granular...several ways to do the same thing.
0
 

Author Comment

by:rtmcmullen
ID: 18841050
Thanks to both LauraEHunterMVP & xuserx2000 for your creative approach.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is a little timesaver I have been using for setting up Microsoft Small Business Server (SBS) in the simplest possible way. It may not be appropriate for every customer. However, when you get a situation where the person who owns the server is i…
Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question