Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

group policy

Posted on 2015-01-05
7
Medium Priority
?
123 Views
Last Modified: 2015-01-12
we setup a test windows server 2008, and are experimenting with group policy. we don't want to edit the default group policy, but would like to have a test policy that is linked to an OU. But we are having a hard time figuring it out.
How could we link an OU to a group policy?
0
Comment
Question by:JeffBeall
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 14

Expert Comment

by:dmwynne
ID: 40532420
I would start hear if you are just beginning with group policy.

http://technet.microsoft.com/en-us/windowsserver/bb310732.aspx

In its simplest steps you create a new Group Policy using the Group Policy Mgmt in admin tools, when you create the policy it asks if you want to link it to an OU which you can do then or if you want to do it later just go to the OU in the GP Mgmt, right click and choose link an existing...
0
 
LVL 3

Assisted Solution

by:kola12
kola12 earned 664 total points
ID: 40532456
You can use Group Policy Management Console - see http://technet.microsoft.com/en-us/library/cc732979.aspx
And link Policy to selected OU.
Or You can create securuty group, add new serwer as a member of this group.
In GPO remove authenticated users and add new group whitch you created.
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 668 total points
ID: 40532680
High level steps are below...
- open gpmc.msc
- Create a new GPO
- Give it a name
- Edit the GPO
- Select the properties that you want to enable or disable
- Set the Security Filtering with the appropriate users/computers "this part is especially import as you need to be cognisant of the policy's you are enabling Computer or User Policies"
- Link the gpo to whatever OU you want to test with
- Login to the machine with the appropriate user which you setup for security filtering "or computer"


To see if the policy has been applied to the machine do the following...
- from the client machine run rsop.msc
- right click on computer config or user config "which ever one you enabled"
- You will then see on the General Tab which policies that have been applied you should see yours in there

make sure that after the policy has been applied to the OU you need to run gpupdate /force and or reboot the machine. Most computer policies need to be rebooted but User Policies just need to be refreshed "unless it is a login script policy. in that case you need to logout and log back in"

Remember that you cannot modify the Password Policy from a policy other than Default Domain Policy. If you want to do this you will need to use PSO which is a feature in Windows 2008 and up.

Will.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 1

Author Comment

by:JeffBeall
ID: 40535984
"Link the gpo to whatever OU you want to test with"

that is the part that we can't find. Where do you link the GPO to an OU?
0
 
LVL 14

Accepted Solution

by:
dmwynne earned 668 total points
ID: 40536308
On the server open Group Policy Mgmt Console from the admin tools folder.

In the Group Policy Management Console (GPMC) console tree, locate the site, domain, or organizational unit (OU) to which you want to link a Group Policy object (GPO)

Do one of the following:

To link an existing GPO, right-click the domain or OU within the domain, and then click Link an Existing GPO . In the Select GPO dialog box, click the GPO that you want to link, and then click OK .

To link a new GPO, right-click the domain or OU within a domain, and then click Create a GPO in this domain, and link it here . In the Name box, type a name for the new GPO, and then click OK .


http://technet.microsoft.com/en-us/library/cc732979.aspx
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40536342
Yes, in the GPMC.msc console. Just link the GPO to the OU. Do not create a GPO on an OU.

Will.
0
 
LVL 1

Author Closing Comment

by:JeffBeall
ID: 40544446
thank you for the help.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question