Solved

How to restrict Group policy administration to a specific domain user/group

Posted on 2014-11-02
3
91 Views
Last Modified: 2015-06-18
We have Windows 2003 Domain controller and we have couple of Domain/Enterprise admins. How to restrict Group policy administration to a specific domain user/group?
0
Comment
Question by:psanjoy
  • 2
3 Comments
 
LVL 13

Expert Comment

by:Rizzle
Comment Utility
Check out this article from Microsoft on group policy management! But by default domain admins can create, amend and delete policies, maybe worth look into whether they definitely need domain admin rights?

http://technet.microsoft.com/en-us/library/cc754948(v=ws.10).aspx
0
 

Author Comment

by:psanjoy
Comment Utility
domain admins  and enterprise admins should not have access to GP management except the Local Admin/ a specific user. pls help me
0
 
LVL 13

Accepted Solution

by:
Rizzle earned 500 total points
Comment Utility
ok I got you now,

try the solution listed in this Microsoft article which restricts access to specific admins to Group Policy.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/59ebdb08-57f0-4e22-928f-a2f5fd3d5bdf/restrict-group-policy-editing-to-a-group-of-domain-admins?forum=winserverGP
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Suggested Solutions

Learn about cloud computing and its benefits for small business owners.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now