<div>
Try with separate domain group for those computers and use Group Policy Filtering. More about that at<br />
<a href="http://technet.microsoft.com/en-us/library/cc779291%28WS.10%29.aspx" rel="ugc">http://technet.microsoft.com/en-us/library/cc779291%28WS.10%29.aspx</a><br />
<br />
How to implement that<br />
<a href="http://www.windowsnetworking.com/articles_tutorials/group-policy-security-filtering.html" rel="ugc">http://www.windowsnetworking.com/articles_tutorials/group-policy-security-filtering.html</a><br />
<br />
and Mike has very good post on his blog at<br />
<a href="http://adisfun.blogspot.com/2009/04/security-filtering-and-group-policy.html" rel="ugc">http://adisfun.blogspot.com/2009/04/security-filtering-and-group-policy.html</a><br />
<br />
Regards,<br />
Krzysztof
</div>


Try with separate domain group for those computers and use Group Policy Filtering. More about that at
http://technet.microsoft.com/en-us/library/cc779291%28WS.10%29.aspx [http://technet.microsoft.com/en-us/library/cc779291%28WS.10%29.aspx]

How to implement that
http://www.windowsnetworking.com/articles_tutorials/group-policy-security-filtering.html [http://www.windowsnetworking.com/articles_tutorials/group-policy-security-filtering.html]

and Mike has very good post on his blog at
http://adisfun.blogspot.com/2009/04/security-filtering-and-group-policy.html [http://adisfun.blogspot.com/2009/04/security-filtering-and-group-policy.html]

Regards,
Krzysztof

<div>
filtering will not work in our case.<br />
<br />
We would like to use a method that will even stop user GPO to be applied if anyone logs onto these PCs in the branch office? is it possible to use loopback to so that they can login without folder redirection?
</div>


filtering will not work in our case.

We would like to use a method that will even stop user GPO to be applied if anyone logs onto these PCs in the branch office? is it possible to use loopback to so that they can login without folder redirection?

<div>
Great! Congratulations.<br />
<br />
Krzysztof
</div>


<div>
<div class="content wysiwyg-content">
Hi we have a few computers here at a branch office connected to the domain controller via VPN, we want to block all GPO inheritance to these machines except a specific gpo tailored for these, what is the easiest way to accomplish this?<br />
<br />
I have created a seperate OU for the computers and applied a GPO here and blocked inheritance but it does not seem to be having the desired effect.
</div>
</div>


Hi we have a few computers here at a branch office connected to the domain controller via VPN, we want to block all GPO inheritance to these machines except a specific gpo tailored for these, what is the easiest way to accomplish this?

I have created a seperate OU for the computers and applied a GPO here and blocked inheritance but it does not seem to be having the desired effect.

Stop group policy applying on a per computer basis

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.