Solved

Group Policy Settings

Posted on 2011-02-21
1
330 Views
Last Modified: 2012-08-13
I need someone to step me through setting up Group Policy restrictions. I thought I had them set correctly but evidently not. The situation is this - we have a school network running Windows Server 2003 and all the clients running Windows XP Pro. The goal is to restrict the students from saving profile changes when they log out and to prevent them from installing any applications. There is an OU called School Users with a sub-group called Students and that has sub-groups by grade level. Do I need to set these restriction at the main OU level? And could someone step me through what I need to do? I must be missing somehitng because what I did did not work and students profiles are growing way beyond what we want.

Thank you!1

Robert
0
Comment
Question by:RobertEhinger
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 12

Accepted Solution

by:
Navdeep earned 500 total points
ID: 34946685
Hi,

Normal active directory accounts would restrict users from installing any applications.
For profiles. You need to make them mandatory profiles. So that when the changes are made they won't get saved.

You can check the below mentioned article to do the same
http://support.microsoft.com/kb/307800

Also using GPO
Computer Configuration--->Policies--->Administrative Templates--->System--->User Profile--->Prevent Roaming Profile changes from being propagated to the server

It makes profiles mandatory by preventing system from updating the change to the server. This setting have the same effect with renaming NTUSER.DAT to NTUSER.MAN for a roaming profile.

The GPO would be applied to that OU in which your student accounts are present.

Hope this will help you.
0

Featured Post

Webinar: Choosing a MySQL HA Solution

Join Percona’s Principal Technical Services Engineer, Marcos Albe as he presents Choosing a MySQL High Availability Solution on Thursday, June 29, 2017 at 10:00 am PDT / 2:00 pm EDT (UTC-7).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
We take a look at some of the most common obstacles that IT teams run into as they work relentlessly to keep all the alarms and sirens from going off at once.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question