I have been asked to look into setting up group policy to enforce all users in Active Directory to use universal log into all systems including including all IIS websites within the domain.
The requirements are that they are unsure whether they would like to set the policy at a workstation/server level or user level.
Unfortunately their desktops and laptops are not enrolled onto the domain instead they log into the laptop / pc locally then connect up via a vpn connection (unsure why they are not enrolled onto the domain). Which makes me think that it should be applied at a user level.
Is it even possible to set up group policy to enforce all domain users to use universal log in on all systems. (I was under the impression you need one for both computer & user levels)