Solved

Stop group policy applying on a per computer basis

Posted on 2011-09-21
5
346 Views
Last Modified: 2012-05-12
Hi we have a few computers here at a branch office connected to the domain controller via VPN, we want to block all GPO inheritance to these machines except a specific gpo tailored for these, what is the easiest way to accomplish this?

I have created a seperate OU for the computers and applied a GPO here and blocked inheritance but it does not seem to be having the desired effect.
0
Comment
Question by:Bertling
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36573047
Try with separate domain group for those computers and use Group Policy Filtering. More about that at
http://technet.microsoft.com/en-us/library/cc779291%28WS.10%29.aspx

How to implement that
http://www.windowsnetworking.com/articles_tutorials/group-policy-security-filtering.html

and Mike has very good post on his blog at
http://adisfun.blogspot.com/2009/04/security-filtering-and-group-policy.html

Regards,
Krzysztof
0
 
LVL 11

Author Comment

by:Bertling
ID: 36573068
filtering will not work in our case.

We would like to use a method that will even stop user GPO to be applied if anyone logs onto these PCs in the branch office? is it possible to use loopback to so that they can login without folder redirection?
0
 
LVL 11

Accepted Solution

by:
Bertling earned 0 total points
ID: 36573188
we solved it. we made a loopback policy on the OU of the 3 PCs only. we then set it in replace mode.

We then set folder redirection to local profile for each item.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36573203
Great! Congratulations.

Krzysztof
0
 
LVL 11

Author Closing Comment

by:Bertling
ID: 37061256
This worked as advised
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question