I have a little problem with my group policy's.
I want a group policy for a group of users on a group of computers/servers.
To understand the full request I will sketch our domain.
DC: Windows 2003 R2 X64
Servers/VMserver: variating between 2003 to 2008R2
Client pc/laptops: variating between XP and Win7
Sub OU Admins
Sub OU Project Managers
Sub OU Users
Now I want to give my project managers restricted local administrative rights on the VMservers.
So I added the group Project Managers (who's in the OU PM) to the local administrator group on all of the VMServers.
I also want to restrict the permissions so they can't shut down a VMServer and etc...
I made an new GPO under the OU Project Managers and restricted everything to my wish under user configuration. Then in the security filtering I've added the servers that I want the policy to apply to.
Now my GPO works only on my project managers but on all my pc & servers. Not only those I've added in the Security Filtering.
I've also tried making a GPO in the OU VMserver and adding the usergroup to the security filtering but then the GPO doesn't work at all.
To explain why I want this, the firm I work for is an IT firm and our users may have full rights without restrictions on their personal pc/laptop. Our project managers can have restricted rights on the VMservers because these are development servers.
Can someone help my out with this one because I don't know where to look further...
ps: after every change in the GPO and before I test something out, I did a gpupdate /force on my DC.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Attackers love to prey on accounts that have privileges.
Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Are you ready to implement Active Directory best practices without reading 300+ pages?
You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…