Joe_Budden
asked on
Using Group Policy Results Wizard for different domain
Hi AD Experts :)
My setup is a bit strange and as below:
Forest root: domain.com
Domains: Toronto.domain.com, Washington.domain.com, LosAngeles.domain.com
I am a domain admin for Toronto.domain.com only.
There is a server in the Washington domain named Server1.washington.domain.
User1 wants to carry out some work on Server1, but wants to ensure that he has full permissions. He is a local Admin on Server1, but is worried that there maybe GPO's that would prevent him doing any work (such as shutting down etc).
I tried to run GP Results Wizard on Server1, but I receive an error saying that I do not have enough permissions. What can I do here to get a GP result type thing to show what GPO's, if any, will be blocking what actions?
Our Forest level is Windows 2003, and Server1 is Windows 2003 Server too.
My setup is a bit strange and as below:
Forest root: domain.com
Domains: Toronto.domain.com, Washington.domain.com, LosAngeles.domain.com
I am a domain admin for Toronto.domain.com only.
There is a server in the Washington domain named Server1.washington.domain.
User1 wants to carry out some work on Server1, but wants to ensure that he has full permissions. He is a local Admin on Server1, but is worried that there maybe GPO's that would prevent him doing any work (such as shutting down etc).
I tried to run GP Results Wizard on Server1, but I receive an error saying that I do not have enough permissions. What can I do here to get a GP result type thing to show what GPO's, if any, will be blocking what actions?
Our Forest level is Windows 2003, and Server1 is Windows 2003 Server too.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If your user has the GPMC on his desktop, or you have it on your desktop and can get him to do a runas or logon to your desktop, you can do it from there. You can put in the server name instead of using the local computer in the RSOP wizard, to get results for another machine. In this case, you could enter your server name and get the policy results.
The big thing here is that it has to run under the account of the user who does have that admin access to server1. Technically, it can run from anywhere as long as he is the one to run it.
The big thing here is that it has to run under the account of the user who does have that admin access to server1. Technically, it can run from anywhere as long as he is the one to run it.
ASKER
So I need to install GPMC on Server1? How would I run resultant set of policy on the server?
Thanks!