[gptalk] Re: permissions and gpos

  • From: "Darren Mar-Elia" <darren@xxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Fri, 17 Oct 2008 08:12:05 -0700


This should work if I understand your scenario. How have you granted the
deny ACE? What are you denying? Have you looked at the Effective Permissions
tab in the ACL editor to see if it thinks that your computer in question has
the correct rights?






From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Bean, Scott
Sent: Friday, October 17, 2008 7:57 AM
To: 'gptalk@xxxxxxxxxxxxx'
Subject: [gptalk] permissions and gpos


I have been upgrading my policies to the new vista format.  I have a
seemingly simple question about permissions.  How do I stop the computer
configuration from being applied to certain groups.  I have to put
authenticated users as apply for the computer configuration to take place.
But if I have a nested group and set that as deny it still gets the computer
configuration, which has caused a huge problem and headache this Friday


Basically I have a policy that I want one nested group to get but not


Thanks in advance,



Other related posts: