?
Solved

Configure restricted Group with GPO

Posted on 2011-02-14
2
Medium Priority
?
567 Views
Last Modified: 2012-05-11
Hello i need help with my GPO SETTING in my enterprise (single forest) i have techninician people who when they join a computer to the domain they put it in the Computer container and give the users Local Administration rights on the computer. so to avoid that i created an OU called Stock and now i want to design a GPO so that these TECH GUYS WHO BELONG TO particularSecurity group won't be able to put the users as Local Administrator of their computer when it's inside the STOCK OU. I don't want them to be able to do any thing to the computer once the Computer is in that OU
I know i can use restricted Group but i'm confuse about the Group and member Of interface

I need help on my GPO settings, Delegations etc ....
Thank you
0
Comment
Question by:LI20579
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 27

Accepted Solution

by:
KenMcF earned 1500 total points
ID: 34890873
Take a look at this post, i think this is one of the better posts about restriced groups. It sounds like you want to force the members of the local admin group so you would add all the groups and users into "Members of this Group"

http://www.frickelsoft.net/blog/?p=13
0
 

Author Closing Comment

by:LI20579
ID: 35081312
Good enought
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question