I'm new to Group Policies, but I have nearly completed a setup. I have created a Loopback policy for my new test Thin Client computer which will connect to a terminal server 2003 via RDP. Under GPMC I have it set for all Authenticated users, but I don't want it to apply to the Administrators group.
In my efforts to set this policy, I set the DELEGATION access to DENY for this thin client OU. Now the OU doesn't show up. I'm afraid to do anything for fear that I could totally jack the network.
Under this OU there are Domain Admins and Enterprise Admins groups both with allow Access. These two groups are members of ADMINISTRATORS. Would it be ok, to remove them from the ADMINISTRATORS group, modify the setting with a user account that is only a member of DOMAIN ADMINS for example, then add it back in to ADMINISTRATORS?
If not, what is the best method to 1. get back access to the OU, and 2. prevent the OU from running/executing?
Thanks for your help, Jake