K
KA Kueh
Dear all,
I have a couple of posts previously on this issues. Everyone says use
Restricted Groups in GPO. But I have tried but could not get it working.
Could someone be kind enough to provide me with some step by step guide? I
think my problem is with understanding the subject. Here is what I am
trying to achieve.
1) Domain users are added to local machine as local Administrator group or
Power Users group now. SO it is very hard to enforce consistent policy as
users on some machine can get around GPO since they have local admin power.
I want to standardize so that everyone is only assigned to just Power Users
group via GPO.
2) Remove Users from Administrator group if it has been assigned previously
on local machine.
I try to achieve this via GPO but did not succeed as I tried to follow some
of the instructions. Firstly, there is no such group as "Power Users" in
Windows 2000 AD so I am stumped.
Detailed instruction would be much appreciated. Thank You.
Regards,
Kueh
I have a couple of posts previously on this issues. Everyone says use
Restricted Groups in GPO. But I have tried but could not get it working.
Could someone be kind enough to provide me with some step by step guide? I
think my problem is with understanding the subject. Here is what I am
trying to achieve.
1) Domain users are added to local machine as local Administrator group or
Power Users group now. SO it is very hard to enforce consistent policy as
users on some machine can get around GPO since they have local admin power.
I want to standardize so that everyone is only assigned to just Power Users
group via GPO.
2) Remove Users from Administrator group if it has been assigned previously
on local machine.
I try to achieve this via GPO but did not succeed as I tried to follow some
of the instructions. Firstly, there is no such group as "Power Users" in
Windows 2000 AD so I am stumped.
Detailed instruction would be much appreciated. Thank You.
Regards,
Kueh