D
Drazen
This is our configuration:
- w2k DC having simple domain with default containers intact (Users, Computers...)
- one global security group (group "A") dwfined on level of domain
itself (same level where containers Users and Computers are)
whose members are two domain computers (listed in Computers container).
- group policy "B" defined on whole domain (under Default domain policy)
- for group policy B, Authenticated users were removed under
"Security" settings and our group "A" was added with "Read" and
"Apply group policy".
THe problem is that policy "B" is not applied to security group "A".
Actually the policy is not applied to *ANY* computers.
When GPREsULT is run on machines in security group "A" there is
"Filtering: Denied (Security)". GPRESULT shows NO sign of those two
computers being in security group "A" (and I suppose thats why policy
is not applied to them).
What have I done wrong?
If I remove group "A" from policies "Security" and add those
two computers manually (and set Read, and Apply policy to each of them),
the policy is applied successfully but I'm not satisfied with this
solution. Who can explain this? I hope that everything is explained well...
Thank you,
Drazen
- w2k DC having simple domain with default containers intact (Users, Computers...)
- one global security group (group "A") dwfined on level of domain
itself (same level where containers Users and Computers are)
whose members are two domain computers (listed in Computers container).
- group policy "B" defined on whole domain (under Default domain policy)
- for group policy B, Authenticated users were removed under
"Security" settings and our group "A" was added with "Read" and
"Apply group policy".
THe problem is that policy "B" is not applied to security group "A".
Actually the policy is not applied to *ANY* computers.
When GPREsULT is run on machines in security group "A" there is
"Filtering: Denied (Security)". GPRESULT shows NO sign of those two
computers being in security group "A" (and I suppose thats why policy
is not applied to them).
What have I done wrong?
If I remove group "A" from policies "Security" and add those
two computers manually (and set Read, and Apply policy to each of them),
the policy is applied successfully but I'm not satisfied with this
solution. Who can explain this? I hope that everything is explained well...
Thank you,
Drazen