Link to home
Create AccountLog in
Avatar of mhamer
mhamer

asked on

Stop GPO applying to a specific server

We have a SITE policy that calls a login script. (user settings)

how do i stop this logon script running on the a few of the servers that are in the site?

windows 2003 AD
ASKER CERTIFIED SOLUTION
Avatar of LauraEHunterMVP
LauraEHunterMVP
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
As you are looking for you could very well prevent the script from running on servers, but you want to make sure that the policy that you don't want to run on the servers isn't being used for anything that is supposed to be applied to the servers.  What you would need to do is create a security group and add the computer accounts of all the servers you do not want the script to run on to this group.  Once you have the group created, create a replica policy of the one that is used to run the script.  In the replica policy remove the setting for the script.  After you have done that, set the security on the policy that runs the script so that the security group you created earlier has the right of Deny set to Apply this Policy.  On the replica policy, add the security group you created earlier and set the right to Allow.  Make sure you remove the group for Authenticated Users from the replica policy.

The easiest way to resolve your issue though is to simply modify the script so that it will not run on servers.

-saige-
Avatar of mhamer
mhamer

ASKER

hi, Lauras answer was what i was looing for i remember doing it before but forgot.

I do have a login script which ignores the server just wanted to recall the gpo method

cheers