Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Setting group policy to just one computer

Posted on 2010-09-01
10
360 Views
Last Modified: 2012-05-10
Is it possilbe to assign a group policy to just one computer within an OU with several other PCs in there?

This one PC needs to have the windows firewall DISABLED as it is blocking services required for an application even with all the correct exceptions in place.

0
Comment
Question by:MSSC_support
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 32

Expert Comment

by:PowerEdgeTech
ID: 33577341
You could move the computer to a new OU, then, based on the existing GPO, you could create a new GPO, then change it.
0
 
LVL 10

Accepted Solution

by:
scriven_j earned 400 total points
ID: 33577342
No, but you can achieve this by creating a sub-OU within the OU that the computers are in and then apply a specific Group Policy for the firewall changes.
This will mean that the computer gets all the policies on the parent OU, but the firewall policy will override anything higher up.
 
0
 
LVL 10

Expert Comment

by:scriven_j
ID: 33577390
Of course, what PowerEdgeTech has said is also true, but if you do it my way, then subsequent group policy changes will not need to be duplicated over 2 OU's.
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 5

Assisted Solution

by:MrN1c3
MrN1c3 earned 100 total points
ID: 33577524
You can assign a GPO to just one machine.

Link the GPO to the relevant OU as normal.  On the "scope" tab, amend the "security filtering".  Remove any entries from sec filtering, then simply add the hostname of the PC.
0
 
LVL 2

Expert Comment

by:esafdia
ID: 33577694
MrN1C3 is Correct, It's not best practices but that method does work.
0
 
LVL 10

Expert Comment

by:scriven_j
ID: 33577854
So does mine!  What is best practise then?
0
 
LVL 2

Expert Comment

by:esafdia
ID: 33577926
Best practise is to put it in a seperate OU.
0
 
LVL 5

Expert Comment

by:MrN1c3
ID: 33577989
MSSC - My post above answers your question, you can actualy assign a GPO to a single computer.

scriven_j has posted what I would consider best practice, and exactly how you should approach this.
0
 
LVL 2

Expert Comment

by:esafdia
ID: 33578092
Agreed on both counts.
0
 

Author Closing Comment

by:MSSC_support
ID: 33609706
I think adding it to a sub OU would be better than assigning it to the individual as if i need to add any more computers to the rule I will just place it in the OU.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Computer hardware speed units 9 59
How to remove unneeded words from Notepad? 7 17
how to copy files based on a file to a locaiton 12 22
Windows icons complete gone 8 31
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
Read about why it is more lucrative for an IT company to participate in government projects.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question