Do not apply GPO to one machine in an OU

  • Thread starter Thread starter Guest
  • Start date Start date
1. Create a security group for computers to which you want to apply GPO,
2. put all but one computer (the one that you don't want GPO to be applied
to) in that security groups,
3. edit GPO security settings and remove Authenticated users from reading
and applying GPO's
4. Add your security group rights to read and apply GPO

--
Regards

Matjaz Ladava, ladava.com
MCSA, MCSE, MCT
Microsoft MVP Windows Server - Directory Services
e-mail: (e-mail address removed), (e-mail address removed)
 
1. Create a security group for computers to which you want to apply GPO,
2. put all but one computer (the one that you don't want GPO to be applied
to) in that security groups,
3. edit GPO security settings and remove Authenticated users from reading
and applying GPO's
4. Add your security group rights to read and apply GPO
Click to expand...

Alternatively, and perhaps more simply ...

1) Create a security group for the computer(s) you don't wish to apply the
GPO to.
2) Edit the GPO's delegation tab (Advanced) and Add a Deny Apply for that
group.

Cheers,

Kenny.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

GPO not applying to user when only TS server is in Locked down OU. 3
GPO is not reflacting to client machine 2
group policy not applying to an OU that contains only computers 1
Don't want to apply a GPO to certain group members 2
GPO Computer Setting - Ccan they be applied to Users ? 6
Computer Configuration GPO 5
Active Directory GPO - Enforcing Password Protected Screen Savers 4
GPO for individual users? 8

Back
Top