ENTERPRISE

Active Directory Domain Services 2008 : Filter Group Policy Object Scope by Using Security Groups, Disable User Settings in a Group Policy Object, Disable Computer Settings in a Group Policy Object

- Marvel's Thor has sex change

- Windows Server 2012 : Installing and Configuring WINS (part 1) - Configuring Push Partners

- Sharepoint 2013 : Remove a Content Type from a List or Document Library

- Sharepoint 2013 : Add a Content Type to a List or Document Library

9/22/2012 2:48:24 AM

Filter Group Policy Object Scope by Using Security Groups

Scenario/Problem: You have a GPO linked to an OU. The OU contains user accounts. You need to limit the GPO to be applied only to a subset of the user accounts located in the OU.

Solution: Create an AD DS group. Place the user accounts in the AD DS group. Filter the GPO scope by the AD DS group.

To filter group policy scope by using security groups, perform the following steps:

1.
Log on to a domain controller or a member computer that has Windows Server 2008 RSAT installed.

2.
Click Start, click Administrative Tools, and then click Group Policy Management.

3.
In the console tree, select the Group Policy Objects node.

4.
In the details pane, select the GPO on which you want to use group filtering.

5.
On the Scope tab, shown in Figure 1, click Add.

Figure 1. The GPO Scope tab.

6.
On the Select User, Computer, or Group window, type the name of the group with which you want to filter the GPO scope; then click OK.

7.
Select Authenticated Users under the Security Filtering section of the Scope tab, and click Remove.

8.
Click OK on the remove delegation privilege confirmation screen, as shown in Figure 2.

Figure 2. The confirmation page for removing delegation privilege.

Disable User Settings in a Group Policy Object

Scenario/Problem: You have a GPO linked to an OU. The GPO is used to apply computer configuration. You want to prevent user configuration from being read during group policy processing.

Solution: Disable user settings in a GPO.

To disable user settings in a GPO, perform the following steps:

1.
Log on to a domain controller or a member computer that has Windows Server 2008 RSAT installed.

2.
Click Start, click Administrative Tools, and then click Group Policy Management.

3.
In the console tree, select the Group Policy Objects node.

4.
Right-click the GPO on which you want to disable user settings, select GPO Status, and click User Configuration Settings Disabled, as shown in Figure 3.

Figure 3. The User Configuration Settings Disabled option.

Disable Computer Settings in a Group Policy Object

Scenario/Problem: You have a GPO linked to an OU. The GPO is used to apply user configuration. You want to prevent computer configuration from being read during group policy processing.

Solution: Disable computer settings in a GPO.

To disable computer settings in a GPO, perform the following steps:

1.
Log on to a domain controller or a member computer that has Windows Server 2008 RSAT installed.

2.
Click Start, click Administrative Tools, and then click Group Policy Management.

3.
In the console tree, select the Group Policy Objects node.

4.
Right-click the GPO on which you want to disable computer settings, select GPO Status, and click Computer Configuration Settings Disabled, as shown in Figure 4.

Figure 4. The Computer Configuration Settings Disabled option.

Other

Active Directory Domain Services 2008 : Block & Remove Block Inheritance of Group Policy Objects, Change the Order of Group Policy Object Links

The Future Of Apple: Chip Off The Block (Part 10)

The Future Of Apple: Chip Off The Block (Part 9)

The Future Of Apple: Chip Off The Block (Part 8)

The Future Of Apple: Chip Off The Block (Part 7)

The Future Of Apple: Chip Off The Block (Part 6)

The Future Of Apple: Chip Off The Block (Part 5)

The Future Of Apple: Chip Off The Block (Part 4)

The Future Of Apple: Chip Off The Block (Part 3)

The Future Of Apple: Chip Off The Block (Part 2)

Most View

- Full-Frame’s Paradise

- Windows 7 : Developing Applications with Enhanced Security - CREATING AN APPLICATION WITH ENHANCED SECURITY (part 3) - Developing for Permissions

- Group Test: Integrated Valve Amps $2,175-$3,000 (Part 3)

- The Terminator, Apple And Six Months Into Your Future

- Grouptest Headphones: $150-$210 - Phone Home (Part 3) - German Maestro GMP 240

- Ten Cool Custom Android ROMs (Part 1)

- Group Test: HTC One X vs. Sony Xperia U vs. Samsung Galaxy S III vs. Huawei Ascend P1 (Part 1)

- Nvidia GeForce GTX Titan 6GB - Gaming Supercomputer Graphics Card

- Bluetooth 4.0: Low-power Feature Enables Revolutionary Uptake

- Bigger Mini Meets Smaller Big Rivals (Part 2) : Amazon Kindle Fire HD, Google Nexus 7, Versus Touchpad 7

Top 10

- Mitsubishi Hybrids – One Direction

- Race To The Clouds – Honda R&D’S ’91 NSX (Part 2)

- Race To The Clouds – Honda R&D’S ’91 NSX (Part 1)

- Volkswagen Plug-In Hybrid Up – Double Act

- Pre/Power Amplifier Marantz SA8005/PM8005 Review (Part 2)

- Pre/Power Amplifier Marantz SA8005/PM8005 Review (Part 1)

- Smart TV Finlux 50FME242B-T Review (Part 2)

- Smart TV Finlux 50FME242B-T Review (Part 1)

- The Best Money Can Buy: Motherboards (Part 2) - Asus Rampage IV Black Edition, Asus Crosshair V Formula-Z

- The Best Money Can Buy: Motherboards (Part 1) - ASRock X79 Extreme 11, Asus Intel Z97 ROG Bundle, Gigabyte Z97X-GAMING G1

site
stats