[gptalk] Re: Apply GPO to Computers Only

  • From: "Darren Mar-Elia" <darren@xxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Fri, 8 Dec 2006 07:48:42 -0800

So you have a GPO that contains some logon script and sets loopback? I
suspect the problem is that you've removed authenticated users, added the
computer accounts, which is fine, but no users can read the user portion of
the loopback GPO when they logon. You might try granting Read and Apply GP
to the "Domain Users" group. That allows users to  read the GPO but not
other computers. 



From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Buonora, Craig (GE, Research, consultant)
Sent: Thursday, December 07, 2006 12:59 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Apply GPO to Computers Only


I had another issue come up where I need to apply a User configuration item
[remove map network drive] to about 6 computers in my Domain. I created the
GPO, remove the Authenticated Users element from the delegation - Advance
tab, and added my machine names, and click Read and apply for the
permissions to each. I also included Loopback Processing to Merge with this,
I used merge and replace. I cannot get this policy to apply. This needs to
be set on 6 machines that are used by the public and I do not want to do
this locally as I would like to exclude eventually some NT accounts from the
policy so they can log on and do some admin functionality that involves
mapping drives.


Thank again in advance for the help.


Craig M. Buonora

GE Global Research Center

CompuCom Systems, Inc.

Network Services Engineer II


T 518.387.6664

F 518.387.7427

D *833-6664

E buonora@xxxxxxxxxxxxxxx


One Research Circle

Building KW Room C153

Niskayuna, New York 12309

www.ge.com <http://www.ge.com/> 


Other related posts: