Re: Restricted Groups in OU
From: Mike Schmidt (mikesc_at_hynixeugene.com)
Date: 05/19/04
- Next message: RJDE: "Domain logins fail after making Terminal Server a domain controller"
- Previous message: Angie: "drive restrictions but still searchable"
- In reply to: Derek Melber [MVP]: "Re: Restricted Groups in OU"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 19 May 2004 13:14:47 -0700
That did the trick. The Default Domain Policy was "enforced". As soon as I
set it to not "enforce", then the OU policy did take effect. Thanks!
"Derek Melber [MVP]" <derekm@braincore.net> wrote in message
news:u3TvcIdPEHA.4036@TK2MSFTNGP12.phx.gbl...
> The OU policies do supersede the domain policies. Make sure the Def Domain
> POlicy does not have no override set.
>
> Also, you will need to configure the lower level GPO with ALL members in
the
> group. Restricted groups will not append to one another. It is all or
> nothing as they compile the list. So, at the OU level, configure the GPO
> with the Domain Admins and the other group you desire.
>
> --
> Derek Melber
> BrainCore.Net
> derekm@braincore.net
> "Mike Schmidt" <mikesc@hynixeugene.com> wrote in message
> news:uJKPzYcPEHA.620@TK2MSFTNGP10.phx.gbl...
> > We have a default domain policy that puts the Domain Admin group in the
> > local Administrators group. What I need to do is make a restricted
group
> on
> > a particular OU so that another domain group would be put in the local
> Admin
> > group as well as the Domain Admin. It's all set up, but when I try it,
it
> > is not applying. When I use the GPMC modeling it is not showing the
other
> > group in the local admin group.
> >
> > I thought that the OU policies would override the default domain policy?
> >
> >
>
>
- Next message: RJDE: "Domain logins fail after making Terminal Server a domain controller"
- Previous message: Angie: "drive restrictions but still searchable"
- In reply to: Derek Melber [MVP]: "Re: Restricted Groups in OU"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
