Solved

how to exclude Group policy

Posted on 2011-03-04
4
647 Views
Last Modified: 2012-05-11
I have made a computer's group policy for all computes in the domain, but i want to exclude domain controllers from it, means that i don't want the policy to be applied in domain controllers, how can i do this ?
0
Comment
Question by:sgogan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 10

Accepted Solution

by:
Fayaz earned 125 total points
ID: 35041980
0
 
LVL 2

Assisted Solution

by:naushadkhan
naushadkhan earned 125 total points
ID: 35041981
You can use the Security filtering option in the GPO to accomplish your task. First remove the Authenticated users from the list and add appropriate users, groups or computer to whom this policies will apply.

For Windows Server 2008
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 125 total points
ID: 35041994
Just put the computers in to their own OU, which you will have to do anyway to appl a group policy to them, otherwise you will have to apply it at domain level which will then effect all Computers/Servers.

So create a new OU, move the computers in to it and apply the group policy there.
0
 
LVL 17

Assisted Solution

by:Premkumar Yogeswaran
Premkumar Yogeswaran earned 125 total points
ID: 35044967
Hi,

By default domain controleer will be in different OU,

Only Domain controller policy will be applied to that OU.

it you want to stop the inheritance.

Kindly check the block inheritance option in the group policy property of Domain controller OU..!

Regards,
Prem
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question