How can I apply a Group Policy to all users except the administrator and only on specified computers?
When you have build the policy attach it at the top OU level that encompass all computers you would like to manage and then within GPO manager when you have build the policy within the Scope Tab > Security filtering (at the bottom) add the computer group you created here and the policy to have created will apply to all computers within that group.
Thank you. That was helpful. I see how to specify all Server 2008 R2 computers, but how would I specify all users that aren't administrator?
Or do you need to exclude the administrator?
You can make all no admins a group then use WMI filter to select that group
1.) only be applied to a User from "User LIst 1" logging into a computer from "Computer List 1"
or
2.) be applied whenever a user from "User List 1" logs into any computer and whenever any user logs into a computer from "Computer List 1"
or
3.) the computer settings will be applied to any computer in "Computer List 1" and the user settings will be applied to any user in "User List 1"
Look at Domain Users group.
We always keep domain admins administrator separate from the users in the domain
Groups are the best way to do that.
What would the WMI select statement be to select all users but administrator?
Also, I only want to apply *user settings* to Server 2008 computers (and only if the user isn't administrator). If user filtering is for user setting and computer filtering is for computer settings, I still don't understand how I could make this work. Is it possible?
Select * FROM Win32_ComputerSystem WHERE UserName <> "domainName\UserName"
Also no do not remove those users from the default groups
Best to create a new group and put all non admins in that group
HTH
Your best bet would be to create a Security Group -> add all of your computers to this new group -> set the security filtering on the GPO to point to the new group -> link the GPO to whatever OU's the computers are in
If they are in multiple different OU's then link it once at the domain level.
Thats it.
Will.
Gain unlimited access to on-demand training courses with an Experts Exchange subscription.
Get AccessWhy Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
When asked, what has been your best career decision?
Deciding to stick with EE.
Being involved with EE helped me to grow personally and professionally.
Did You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
- Troubleshooting
- Research
- Professional Opinions
Join our community and discover your potential
Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.
*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.