Would you know if you can filter the application of a group policy according to what group or groups a user is in?
Matjaz Ladava [MVP]
Yes, you use security setting on GPO object. Replace authenticated users with you custom group and add Read and Apply Policy permission to them.
--
Regards Matjaz Ladava, MCSA, MCSE, MCT, MVP Microsoft MVP Windows Server - Active Directory matjaz@ladava.com, matjazl@mvps.org
"jwhite" wrote in message news:153e901c3fa55$9e305e40$a401280a@phx.gbl... > Would you know if you can filter the application of a > group policy according to what group or groups a user is > in?
Mike Aubert
If you would like a GPO to only apply to a specific group of users you need to use security filtering. Here are some links that contain info on what security filtering is and how to set it up:
Filtering the Scope of a GPO http://msdn.microsoft.com/library/en-us/policy/policy/filtering_the_scope_of_a_gpo.asp
HOW TO: Administer GPO Properties in Windows 2000 http://support.microsoft.com/?id=322176
You would basically use the following steps:
- Create a new GPO and apply it at a high level so it will apply to all user accounts (such as at the domain level) - Remove the allow "Apply Group Policy" permission from the Authenticated users group (but, do not deny) - Grant the group the Read and the Apply Group Policy permissions - Configure the GPO
------------------------------------------------------------------ Mike Aubert MCSE, MCSD, MCDBA mikenews2@2000trainers.com
Note the "news2" in my email address is temporary and may be changed in the future, remove it to email me at my Permanente address. This posting is provided "AS IS" with no warranties, and confers no rights.
"jwhite" wrote in message news:153e901c3fa55$9e305e40$a401280a@phx.gbl... > Would you know if you can filter the application of a > group policy according to what group or groups a user is > in?