Solved

how to set up a group policy attached to a group or single user

Posted on 2007-03-30
2
219 Views
Last Modified: 2010-04-20
I am trying to figure out how I can attach a group policy to either a user or a group of users within a OU. Specifically, I am setting up remote access using terminal server. I want to create the group policy in the same container as where the users are currently located. domainname.ca.local/local users
Normally, I would create another OU right under local users and call it ts users...
domainname.ca.local/local users/ts users
...but I believe there is a way to do it so that I can use the same OU where the users are located and just add them to a group to take on the group policy. I am running Windows 2003 Standard
Thanks in advance for the help
0
Comment
Question by:johnbowden
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 250 total points
ID: 18824878
You're thinking of security group filtering, wherein you modify the Permissions of a GPO. By default, every GPO has a security entry for "Authenticated Users" of "Allow - Read, Apply Group Policy".  You can either:

[1] Remove the entry for Authenticated users and create an "Allow - Read, Apply Group Policy" entry for only those users who should receive the policy, or

[2] Leave the Authenticated Users entry in place and create a "DENY - Read, Apply Group Policy" entry to exclude a specific subset of users who should NOT receive the policy.

Here's a good tutorial from Mitch Tulloch on how to set this up in the GP Management Console: http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Security-Filtering.html

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
 

Author Comment

by:johnbowden
ID: 18825037
that's exactly what I'm looking for. Thanks!
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question