We created new OU and placed a specific computer in that OU. WE then created a special policy in the GPO on the domain controller. The end result is to have any computer placed in the OU to be locked down to login into the domain and running only internet explorer.
In the newly created poilicy we restricted (disable all access) and allowed internet via a path policy to Iexplore.exe.
we did gpupdate /force on the DC and logged out and back into the computer. only previously existing "Default Domain Policy" remained applied.
I have done this in other scenarios with no problems.
Any help would be appreciated.