[gptalk] Re: Restricted Groups - appending to local administrators
- From: ca11235 <ca11235@xxxxxxxxxxxxxx>
- To: gptalk@xxxxxxxxxxxxx
- Date: Wed, 5 Sep 2007 10:45:48 +0100
Guys,
Sorry for the slow thanks - my mail forwarding has gone a bit awol. Thanks
for the replies.
Col
On 30/08/07, Thorbjörn Sjövold <thorbjorn.sjovold@xxxxxxxxxxxxxxx> wrote:
>
> Col, see below for an answer that I gave previously, this seem to be very
> common question J
>
>
>
> Best,
>
> Thorbjörn
>
>
>
>
>
> /******************************/
>
>
>
> Actually it is both possible to both mirror *and* add, the latter is done
> using the "This group is a member of:" part of the Restricted Groups
> settings, but you have to select the groups in "reverse" order, i.e. first
> the group you want to add and then where you want it, while in the normal
> case you select the group to manage and then who should be in it.
>
>
>
> So if you for example want to have Domains Admins added to the local
> Administrators group, you select Add Group… in the Restricted Groups node,
> then select Domain Admins from your domain and in the "This group is a
> member of:" you select the Administrators group. Remember to select the
> local computer in the Object Picker when you browse for the local group.
>
>
>
> HTH,
>
> Thorbjörn Sjövold
>
> Special Operations Software
>
> www.specopssoft.com
>
> thorbjorn.sjovold a t specopssoft.com
>
>
>
> Download our free tool for remote Gpupdate with graphical reporting,
> http://www.specopssoft.com/products/specopsgpupdate/
>
>
>
>
>
>
>
>
>
>
>
>
>
> *From:* gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] *On
> Behalf Of *Auld Colin
> *Sent:* den 30 augusti 2007 15:29
> *To:* gptalk@xxxxxxxxxxxxx
> *Subject:* [gptalk] Restricted Groups - appending to local administrators
>
>
>
> Is there a way to *add* a member to the local administrators group on a
> member server using Restricted Groups? I know that, normally, a Restricted
> Group policy will remove any existing members and replace them with those
> set in the policy. But what I'd like to do is use Restricted Groups to
> extend the list i.e. leave the existing members as they are...
>
> Col
>
> |* This e-mail, and any attachments, is confidential and for the use of
> the addressee only.
>
> |* If you are not the intended recipient, please telephone +44 (0) 1506
> 408700
>
> |* We do not accept legal responsibility for this e-mail or any viruses.
>
> |* All e-mails sent and received by us are monitored.
>
> |* Contracts cannot be concluded with us by e-mail.
>
> |* This message has been sent from a member of the British Energy Group
> (the "Group").
>
> |* The parent company of the Group is British Energy Group plc, a company
> registered in Scotland, registered number 270184, and having its registered
> office at
>
> |* Systems House, Alba Campus, Livingston EH54 7EG
>
>
>
Other related posts:
