Re: Group Policy
- From: Meinolf Weber [MVP-DS] <meiweb(nospam)@gmx.de>
- Date: Fri, 5 Jun 2009 06:48:16 +0000 (UTC)
Hello Kerry,
Restricted groups work fine:
http://www.frickelsoft.net/blog/?p=13
You have to keep attention of "Members of this group" and "This group is a member of". One replaces the member, the other one adds.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
We have a requirement where certain group needs to be added into
administrators group of all computers in the domain. Tried using the
restricted groups, however this GP setting will remove all the users
and groups which are pre-exisiting in the local Administrators group
on all computers. This can be really fatal, as we might have special
business application requirements where there will be some domain or
local users/groups that have been already added to the local
administrators group, which will be removed by setting this policy. If
we decide to identify the list of users/groups that are present today
in the administrators group on computers and include that in the
restricted GP, it will give admin previlges for everyone in that group
which is not the objective.
I want to achieve the below:
The Domain User of the PC to be only added to his local administrators
group, along with another Domain Group. Can this be done?? We are
using Windows Server 2003?
Regards
.
- References:
- Group Policy
- From: Kerry
- Group Policy
- Prev by Date: Re: Why "DOMAIN.LOCAL\Administrator"?
- Next by Date: Re: 1 of 2 domain controllers down and users cannot login to the domai
- Previous by thread: Re: Group Policy
- Next by thread: Time Server-NtpServer Reg Syntax
- Index(es):
Relevant Pages
|
