As long as the access denied if from Security Filtering, that is exactly how you should be applying your policies. managing them by group makes life a lot easier. i do have a question though, are you using WMI queries in your scripts, or anywhere else in your domain? Depending upon any added security specifically for WMI you should not need to do this. On 5/3/07, Johnson, Matthew <mjohnson@xxxxxxxx> wrote:
I created a Domain Local Group and added it to the WMI Security filtering of my GPO. I then added several other Global groups as members of that Domain Local Group. When I try logging in as a user who is a member of one of those Global Groups, Group Policy Results says that Access is Denied to the GPO. I set it up this way so that I can apply GPO's by just adding a group to another group. Can this even work? *Thanks - MJ* CONFIDENTIALITY STATEMENT: This electronic message contains information from Fisher-Titus Medical Center and may be protected health information or other confidential and privileged information under law. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this message is prohibited. If you have received this electronic message in error, please notify the sender immediately by reply e-mail or telephone at 419/668-8101.