Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

how to set up a group policy attached to a group or single user

Posted on 2007-03-30
2
Medium Priority
?
223 Views
Last Modified: 2010-04-20
I am trying to figure out how I can attach a group policy to either a user or a group of users within a OU. Specifically, I am setting up remote access using terminal server. I want to create the group policy in the same container as where the users are currently located. domainname.ca.local/local users
Normally, I would create another OU right under local users and call it ts users...
domainname.ca.local/local users/ts users
...but I believe there is a way to do it so that I can use the same OU where the users are located and just add them to a group to take on the group policy. I am running Windows 2003 Standard
Thanks in advance for the help
0
Comment
Question by:johnbowden
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 1000 total points
ID: 18824878
You're thinking of security group filtering, wherein you modify the Permissions of a GPO. By default, every GPO has a security entry for "Authenticated Users" of "Allow - Read, Apply Group Policy".  You can either:

[1] Remove the entry for Authenticated users and create an "Allow - Read, Apply Group Policy" entry for only those users who should receive the policy, or

[2] Leave the Authenticated Users entry in place and create a "DENY - Read, Apply Group Policy" entry to exclude a specific subset of users who should NOT receive the policy.

Here's a good tutorial from Mitch Tulloch on how to set this up in the GP Management Console: http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Security-Filtering.html

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
 

Author Comment

by:johnbowden
ID: 18825037
that's exactly what I'm looking for. Thanks!
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question