I want to apply a GPO to restrict them from downloading and running any files. they can browse the internet but not download nor run any files.
I have a total of 10 users, only two will be exclude from that policy.
Should I create a new OU and move the users to that OU and create that policy, or what is the best way to accomplish that?
windows 2008 r2 .