Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 357
  • Last Modified:

Group Policy Settings

I need someone to step me through setting up Group Policy restrictions. I thought I had them set correctly but evidently not. The situation is this - we have a school network running Windows Server 2003 and all the clients running Windows XP Pro. The goal is to restrict the students from saving profile changes when they log out and to prevent them from installing any applications. There is an OU called School Users with a sub-group called Students and that has sub-groups by grade level. Do I need to set these restriction at the main OU level? And could someone step me through what I need to do? I must be missing somehitng because what I did did not work and students profiles are growing way beyond what we want.

Thank you!1

Robert
0
Robert Ehinger
Asked:
Robert Ehinger
1 Solution
 
NavdeepCommented:
Hi,

Normal active directory accounts would restrict users from installing any applications.
For profiles. You need to make them mandatory profiles. So that when the changes are made they won't get saved.

You can check the below mentioned article to do the same
http://support.microsoft.com/kb/307800

Also using GPO
Computer Configuration--->Policies--->Administrative Templates--->System--->User Profile--->Prevent Roaming Profile changes from being propagated to the server

It makes profiles mandatory by preventing system from updating the change to the server. This setting have the same effect with renaming NTUSER.DAT to NTUSER.MAN for a roaming profile.

The GPO would be applied to that OU in which your student accounts are present.

Hope this will help you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now