Solved

How to restrict Group policy administration to a specific domain user/group

Posted on 2014-11-02
3
101 Views
Last Modified: 2015-06-18
We have Windows 2003 Domain controller and we have couple of Domain/Enterprise admins. How to restrict Group policy administration to a specific domain user/group?
0
Comment
Question by:psanjoy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 13

Expert Comment

by:Rizzle
ID: 40418081
Check out this article from Microsoft on group policy management! But by default domain admins can create, amend and delete policies, maybe worth look into whether they definitely need domain admin rights?

http://technet.microsoft.com/en-us/library/cc754948(v=ws.10).aspx
0
 

Author Comment

by:psanjoy
ID: 40418918
domain admins  and enterprise admins should not have access to GP management except the Local Admin/ a specific user. pls help me
0
 
LVL 13

Accepted Solution

by:
Rizzle earned 500 total points
ID: 40420108
ok I got you now,

try the solution listed in this Microsoft article which restricts access to specific admins to Group Policy.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/59ebdb08-57f0-4e22-928f-a2f5fd3d5bdf/restrict-group-policy-editing-to-a-group-of-domain-admins?forum=winserverGP
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
A hard and fast method for reducing Active Directory Administrators members.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question