We help IT Professionals succeed at work.
Get Started

GPO exists, but I can't modify or access it from ADMINISTRATOR user ID.

Last Modified: 2013-11-21
I'm new to Group Policies, but I have nearly completed a setup.  I have created a Loopback policy for my new test Thin Client computer which will connect to a terminal server 2003 via RDP.  Under GPMC I have it set for all Authenticated users, but I don't want it to apply to the Administrators group.
In my efforts to set this policy, I set the DELEGATION access to DENY for this thin client OU.  Now the OU doesn't show up.  I'm afraid to do anything for fear that I could totally jack the network.
Under this OU there are Domain Admins and Enterprise Admins groups both with allow Access.  These two groups are members of ADMINISTRATORS.  Would it be ok, to remove them from the ADMINISTRATORS group, modify the setting with a user account that is only a member of DOMAIN ADMINS for example, then add it back in to ADMINISTRATORS?
If not, what is the best method to 1. get back access to the OU, and 2. prevent the OU from running/executing?

Thanks for your help, Jake
Watch Question
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE