Group Policy Filtering

We need to filter out:

control panel/display from the root domain policy that all users inherit for a single computer.    it this possible or do we have to copy the whole policy and paste it makign the required changes (twice) in the future?

thx
LVL 1
CHI-LTDAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
AmitConnect With a Mentor IT ArchitectCommented:
Attaching GPO screenshot, which I have configured and linked to OU. Please check, if this works for you.
screensaver.bmp
0
 
AmitIT ArchitectCommented:
Can you explain more. What changes you are trying to do.
0
 
CHI-LTDAuthor Commented:
disable the screensaver policy for a single user.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Mike KlineCommented:
You can't filter for one setting but if you have a GPO screen saver that only configures the screen savers for users then yes  you can filter out a user (or group) what getting that GPO applied to them.  This is known as security filtering.

More on filtering here  http://www.grouppolicy.biz/2010/05/how-to-exclude-individual-users-or-computers-from-a-group-policy-object/

Thanks

Mike
0
 
AmitIT ArchitectCommented:
Open the GPO properties, click on security tab, add that user and select deny
0
 
CHI-LTDAuthor Commented:
would creation of a new GPO in a new OU with the screensaver settings disabled and use loopback processing to replace over ride the domain GPO setting?
0
 
AmitIT ArchitectCommented:
This can also work. Test it
0
 
CHI-LTDAuthor Commented:
transpires the screensaver settings are not applied by GPO string but a batch file in windows-scripts-logon setting.
can this be filtered?
0
 
AmitIT ArchitectCommented:
How you are calling this script. If you are calling it from Profile, you can remove the script for that user only.
0
 
CHI-LTDAuthor Commented:
blocked the file bu restricting the user read permission to the bat file.
another problem, can the Admin templates - control panel - screen saver policy thats within th edomain root policy be disabled or overwitten
0
 
CHI-LTDAuthor Commented:
problenm with using looback is that it upset our mapped drives and other settings, i'll try it
0
 
CHI-LTDAuthor Commented:
perfect
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.