Solved

AD OU doesn't show up in Group Policy

Posted on 2013-06-18
1
940 Views
Last Modified: 2013-06-18
Domain Functional Level: Win Server 2003

I'm trying to exclude my servers from my (very simple) Windows Update GPO.  (I don't want them to auto-restart at 3am.)  The easiest solution seems to be to assign the GPO to specific Organizational Units, as I do with all my other GPOs.  However, I am now realizing that not all my OUs available in Active Directory show up in Group Policy.  Specifically, my "Computers" OU is not there.  

Can I rectify this? ...if not, any suggestions for how to separate my servers from my workstations so that I can assign my Windows Update GPO accordingly?
Thanks!
0
Comment
Question by:cuiinc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 15

Accepted Solution

by:
Rob Stone earned 500 total points
ID: 39257242
It's because it's not an OU, but a container, as is Users.

You'll need to create an OU and move the computers/users to respective OU's.

I would look to move the servers into a Servers OU, otherwise you will need to look at a WMI filter or deny access to the computer accounts for that policy (I'd advise against this last option though!).
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question