Can GP apply to a Security Group?
Started by
Christine L
, Sep 05 2007 02:03 AM
#1
Posted 05 September 2007 - 02:03 AM
#2
Posted 05 September 2007 - 02:18 AM
Try reading this.... if you still are unclear about it.. I will yank out my Server2003 Advanced Administration guide..
http://download.micr...a3b/gpintro.doc
http://download.micr...a3b/gpintro.doc
#3
Posted 05 September 2007 - 08:18 AM
GP stands for group policy...and you should usually be applying policies to groups instead of users...
an OU is a kind of group...which is why you apply group policies to OU's....then if you need a user to get a different GP applied...you move them to the appropriate OU..
what you're asking (moving a group from OU to OU instead of moving users) won't particularly work...because there will be conflicting GPs....there would be a GP applied to the user in the OU they reside in...then a GP applied to the group that you moved to a different OU
an OU is a kind of group...which is why you apply group policies to OU's....then if you need a user to get a different GP applied...you move them to the appropriate OU..
what you're asking (moving a group from OU to OU instead of moving users) won't particularly work...because there will be conflicting GPs....there would be a GP applied to the user in the OU they reside in...then a GP applied to the group that you moved to a different OU
#4
Posted 05 September 2007 - 02:23 PM
Short answer : NO
Long answer: YES but...
You can apply the policy on domain level and change the security level of the policy so that only the specified group can read and apply the policy.
(Make sure all other users/group don't have access to the policy)
Other OU's/groups will still get the policy, but they won't have the appropriate security rights to implement them.
Long answer: YES but...
You can apply the policy on domain level and change the security level of the policy so that only the specified group can read and apply the policy.
(Make sure all other users/group don't have access to the policy)
Other OU's/groups will still get the policy, but they won't have the appropriate security rights to implement them.
#5
Posted 05 September 2007 - 07:49 PM
OIC, thanks a lot!
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users