wajeeh_r
asked on
Need help about group policy & File Folders permissions
Dear Experts,
I have installed Win 2003 and installed role of DC on it. There is another Server also Win 2003 installed along with ISA server.
When in AD Server I make change to group policy that prohibit access to control panel and make command for group policy refresh. I have observed that on client machines the Control Panel disappears, this is fine but what is going on is that in AD Server itself, On ISA Server computer the same condition is also applying, control panel also disappears from there, I don't want this, Please guide me for this. I want any conditions through group policy to be applied on windows XP machines only and not on servers.
Other question is, I need to basics of File and folder sharing and permissions, if any of you having good resource where I can study it. How to ensure that staff from one department should not see the shared folders of staff from other department. But employees from one department can share there information, such type of examples I want to implement in my environment, any good resource please?
Third question, in ISA how I can enforce authentication using information of WIindows Active Directory, example user A of AD can access website so and so, while user B from AD can not access those websites, similarly time restrictions based on information of active directory.
I will be waiting for your replies. I am new and willing to perform all this setup in my company.
Sincerely,
Wajeeh
I have installed Win 2003 and installed role of DC on it. There is another Server also Win 2003 installed along with ISA server.
When in AD Server I make change to group policy that prohibit access to control panel and make command for group policy refresh. I have observed that on client machines the Control Panel disappears, this is fine but what is going on is that in AD Server itself, On ISA Server computer the same condition is also applying, control panel also disappears from there, I don't want this, Please guide me for this. I want any conditions through group policy to be applied on windows XP machines only and not on servers.
Other question is, I need to basics of File and folder sharing and permissions, if any of you having good resource where I can study it. How to ensure that staff from one department should not see the shared folders of staff from other department. But employees from one department can share there information, such type of examples I want to implement in my environment, any good resource please?
Third question, in ISA how I can enforce authentication using information of WIindows Active Directory, example user A of AD can access website so and so, while user B from AD can not access those websites, similarly time restrictions based on information of active directory.
I will be waiting for your replies. I am new and willing to perform all this setup in my company.
Sincerely,
Wajeeh
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As regards the implimetation of the GPO then the simplest way is to apply a policy to the Domain Controllers OU that disables the prohibiting of the control panel - since this is appled after the policy applied to the domain then on DCs the control panel will be visible on the DC.
You can apply a similar strategy to the other servers - create an OU called servers, move the computer accounts for servers into it and then apply the same disable prohibiting of control panel to that OU as well.
You can apply a similar strategy to the other servers - create an OU called servers, move the computer accounts for servers into it and then apply the same disable prohibiting of control panel to that OU as well.
http://support.microsoft.com/kb/555253
In your case the fileter will probably the operating system version to only apply it to specific operating system versions
an easier way might be to move all your XP machines you want to restrict to a specific OU and then apply the restrictions to just that OU.