Deny Group Policy based on Computers

E

Eric Romero

Hello,

We have a group of pc's that I need to lockdown(hide icons, restrict access
to drives etc). All users log in as the same username. I set up the group
policy on the OU that the username resides. The group policy only uses the
User Configuration settings, so I checked off to disable the Computer
Config. All seemed to work as expected. Until i was told there are a few
machines that should not be locked down. I created a secruity group
including those machines and selected deny to apply group policy security
setting. However this does not seem to work as the policy is still getting
applied.

Is there a way to prevent the group policy from being applied to certain
machines?
 
S

Steven Umbach

Hi Eric. You might try to implement Group Policy loopback processing on those
machines. You will probably want to create an OU for those machines. Loopback
processing applies user configuration from the OU that the computer is in to any
user that logs onto that computer with either a merge or replace mode. See link
to KB article. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;231287
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Group Policy Processing differences ... 3
Deny 'apply policy' to machine? 2
Group Policy Pains 7
Attempting to apply policy to certain pc's 1
Computer based group policy 5
Incorrect GPResult result 3
Group Policy Not Being Applied?? 11
Question about group policy/security policy registry settings 1

Top