RE: GPO for one machine

From: Moser, Scott (scott.moser_at_smead.com)
Date: 09/10/03

Next message: Arik Fletcher: "RE: Domain vs. Local security policy"

Previous message: Enrico Pastrello: "RE: Disabling sharing and group policies"
Maybe in reply to: Jeremy Rodriguez: "GPO for one machine"
Next in thread: Martin, Olivier: "RE: GPO for one machine"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: 'Jeremy Rodriguez' <jeremyrodriguez@cmsmechanical.com>, Focus-Ms <focus-ms@securityfocus.com>
Date: Wed, 10 Sep 2003 11:52:22 -0500

Local machine policy will apply to all logons unless they are explicitly
overridden at site/domain/OU level. Local accounts will also be effected by
local policy even local administrator. You're better off limiting
restrictions locally (unless you want them to apply to everyone) and lock
things down at the OU level.

HTH

-----Original Message-----
From: Jeremy Rodriguez [mailto:jeremyrodriguez@cmsmechanical.com]
Sent: Tuesday, September 09, 2003 1:35 PM
To: Focus-Ms
Subject: GPO for one machine

I have one machine setup with Terminal Server. I have setup a limited
desktop using a policy (GPO). I want to be able to have domain admins login
and get all menus/programs, while the rest of the users get the limited
desktop. As I have it now whenever anyone logs in to the box they all get
the limited desktop no matter if they are a domain admin. How do I fix this?
I have set it up so it only applies to this machine (loopback) and the
domain admins security box is set not to apply group policy.

---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security
Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------

---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------

Next message: Arik Fletcher: "RE: Domain vs. Local security policy"

Previous message: Enrico Pastrello: "RE: Disabling sharing and group policies"
Maybe in reply to: Jeremy Rodriguez: "GPO for one machine"
Next in thread: Martin, Olivier: "RE: GPO for one machine"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]