Solved

Stop group policy applying on a per computer basis

Posted on 2011-09-21
5
344 Views
Last Modified: 2012-05-12
Hi we have a few computers here at a branch office connected to the domain controller via VPN, we want to block all GPO inheritance to these machines except a specific gpo tailored for these, what is the easiest way to accomplish this?

I have created a seperate OU for the computers and applied a GPO here and blocked inheritance but it does not seem to be having the desired effect.
0
Comment
Question by:Bertling
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36573047
Try with separate domain group for those computers and use Group Policy Filtering. More about that at
http://technet.microsoft.com/en-us/library/cc779291%28WS.10%29.aspx

How to implement that
http://www.windowsnetworking.com/articles_tutorials/group-policy-security-filtering.html

and Mike has very good post on his blog at
http://adisfun.blogspot.com/2009/04/security-filtering-and-group-policy.html

Regards,
Krzysztof
0
 
LVL 11

Author Comment

by:Bertling
ID: 36573068
filtering will not work in our case.

We would like to use a method that will even stop user GPO to be applied if anyone logs onto these PCs in the branch office? is it possible to use loopback to so that they can login without folder redirection?
0
 
LVL 11

Accepted Solution

by:
Bertling earned 0 total points
ID: 36573188
we solved it. we made a loopback policy on the OU of the 3 PCs only. we then set it in replace mode.

We then set folder redirection to local profile for each item.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36573203
Great! Congratulations.

Krzysztof
0
 
LVL 11

Author Closing Comment

by:Bertling
ID: 37061256
This worked as advised
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently had an issue where out of nowhere, end users started indicating that their logins to our terminal server were just showing a "blank screen." After checking the usual suspects -- profiles, shell=explorer.exe in the registry, userinit.exe,…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question