I am working with WIN2008 Enterprise active directory.
I recently wanted to make one regular domain user a local admin on certain workstations and I did accomplish that by using Restricted Groups.
The thing now is, I want one more local admin to help the first one. But I did not want the new one to be added to the same Restricted Group which the first one is in.
I went on and made another GPO and named it 2ndlocaladmin and went to Restricted Groups and added a group and named it Administrators inside. And then went to its properties and I added that new domain user to this newly created group.
When I went on to link this GPO to the workstations group wanted, nothing happend.
Neither the domain admin nor the new GPO worked and I had to remove the GPO.
Is there a problem for having two different Restricted Groups GPOs in the same domain, knowing that the two are not applied to the same computers "workstations" group > meaning is that the two are not linked to the same computers group at the same time, each one is linked to a different computers group.
And what could it be that am doing wrong here?