Bertling
asked on
Stop group policy applying on a per computer basis
Hi we have a few computers here at a branch office connected to the domain controller via VPN, we want to block all GPO inheritance to these machines except a specific gpo tailored for these, what is the easiest way to accomplish this?
I have created a seperate OU for the computers and applied a GPO here and blocked inheritance but it does not seem to be having the desired effect.
I have created a seperate OU for the computers and applied a GPO here and blocked inheritance but it does not seem to be having the desired effect.
ASKER
filtering will not work in our case.
We would like to use a method that will even stop user GPO to be applied if anyone logs onto these PCs in the branch office? is it possible to use loopback to so that they can login without folder redirection?
We would like to use a method that will even stop user GPO to be applied if anyone logs onto these PCs in the branch office? is it possible to use loopback to so that they can login without folder redirection?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Great! Congratulations.
Krzysztof
Krzysztof
ASKER
This worked as advised
http://technet.microsoft.com/en-us/library/cc779291%28WS.10%29.aspx
How to implement that
http://www.windowsnetworking.com/articles_tutorials/group-policy-security-filtering.html
and Mike has very good post on his blog at
http://adisfun.blogspot.com/2009/04/security-filtering-and-group-policy.html
Regards,
Krzysztof