How to restrict Group policy administration to a specific domain user/group

We have Windows 2003 Domain controller and we have couple of Domain/Enterprise admins. How to restrict Group policy administration to a specific domain user/group?
psanjoySystem AdministratorAsked:
Who is Participating?
 
RizzleConnect With a Mentor Commented:
ok I got you now,

try the solution listed in this Microsoft article which restricts access to specific admins to Group Policy.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/59ebdb08-57f0-4e22-928f-a2f5fd3d5bdf/restrict-group-policy-editing-to-a-group-of-domain-admins?forum=winserverGP
0
 
RizzleCommented:
Check out this article from Microsoft on group policy management! But by default domain admins can create, amend and delete policies, maybe worth look into whether they definitely need domain admin rights?

http://technet.microsoft.com/en-us/library/cc754948(v=ws.10).aspx
0
 
psanjoySystem AdministratorAuthor Commented:
domain admins  and enterprise admins should not have access to GP management except the Local Admin/ a specific user. pls help me
0
All Courses

From novice to tech pro — start learning today.