• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 372
  • Last Modified:

Setting group policy to just one computer

Is it possilbe to assign a group policy to just one computer within an OU with several other PCs in there?

This one PC needs to have the windows firewall DISABLED as it is blocking services required for an application even with all the correct exceptions in place.

0
MSSC_support
Asked:
MSSC_support
  • 3
  • 3
  • 2
  • +2
2 Solutions
 
PowerEdgeTechIT ConsultantCommented:
You could move the computer to a new OU, then, based on the existing GPO, you could create a new GPO, then change it.
0
 
scriven_jCommented:
No, but you can achieve this by creating a sub-OU within the OU that the computers are in and then apply a specific Group Policy for the firewall changes.
This will mean that the computer gets all the policies on the parent OU, but the firewall policy will override anything higher up.
 
0
 
scriven_jCommented:
Of course, what PowerEdgeTech has said is also true, but if you do it my way, then subsequent group policy changes will not need to be duplicated over 2 OU's.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
MrN1c3Commented:
You can assign a GPO to just one machine.

Link the GPO to the relevant OU as normal.  On the "scope" tab, amend the "security filtering".  Remove any entries from sec filtering, then simply add the hostname of the PC.
0
 
esafdiaCommented:
MrN1C3 is Correct, It's not best practices but that method does work.
0
 
scriven_jCommented:
So does mine!  What is best practise then?
0
 
esafdiaCommented:
Best practise is to put it in a seperate OU.
0
 
MrN1c3Commented:
MSSC - My post above answers your question, you can actualy assign a GPO to a single computer.

scriven_j has posted what I would consider best practice, and exactly how you should approach this.
0
 
esafdiaCommented:
Agreed on both counts.
0
 
MSSC_supportAuthor Commented:
I think adding it to a sub OU would be better than assigning it to the individual as if i need to add any more computers to the rule I will just place it in the OU.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 3
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now