If I have settings in the domain OU that I want to exclude the administator
account, what's the best way of doing that? Putting the admin account in
it's own OU doesn't seem to work as the domain OU is overridding any settings
on the newly created OU.
Thanks.
1) "block policy inheritance"
2) create a GPO where you explicitly alter settings you desperately
need acces to
3) do not set a top GPO to strict and create second top level OU's to
do your bussiness in
Re: 2003 server, GPOs, admin lockdown ... A new GPO was linked to a 4th level OU containing 10 XP Pro domain members, user policies were defined and loopback/merge enabled to apply those policies to users logging onto any of the 10 computers. ... The effect of this was to do nothing for the win98 problem and to apply the policies to the primary domain controller, which means that domain admins can no longer run essential tasks, such as *.msc applications, software audits and "pushed" updates, on this system. ... I did at one point edit the wrong GPO in error, but corrected that two days before the lockout occurred and modelling the admin account, the PDC and the admin account on the PDC gave the results I expected, with none of the lockout setting enabled. ... (microsoft.public.windows.group_policy)
Re: Last Logged-on User ... free OU and signed on with a restricted user account that has no other ... an admin account that has no policies I did. ...GPO, that would explain why only local admins show up--it's before GPO is ... (microsoft.public.sms.admin)
Running a specific program with Administrative rights. ... >user doesn't want to logoff and logon with a different ... >the GPO is not going to happen. ... the users are not allowed or can't run Regedit... will allow you to put in admin account and password. ... (microsoft.public.win2000.security)
Rename Administrator Account to %computername% ... I am looking for a way in my GPO setting to rename the admin account to ... GPO, but it does not take the name of the server, it only renames the ... (microsoft.public.windowsxp.security_admin)
Re: runas and registry/profile access problem ... ... but I have a problem with runas itself. ... I hope my explanation makes sense:). ... instead of each user's profile....admin account profile) using windows explorer. ... (microsoft.public.windowsxp.help_and_support)
