How can I setup one user with different AD policies depending on

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I am running a windows 2000 domain with w2k and xp workstations. I want to
setup AD policies so that if a user logs onto their personal PC they get one
set of policies, but if they log onto a different PC (in my case it is
designed to run one app) they get a second more restrictive set of policies.
A simple user policy will not work because it is not machine dependant. A
machine policy will not work because it does not have all the features of the
user policy and if I use a loop-back policy on the machine policy then the
policy affects all the users that use that machine including the
administrators.

If this scenario is only possible in 2003 please let me know, we are
planning on upgrading soon and this will just speed up our plans.
 
Your best bet is to make seperate OU's for your various computers,
Assign the Policies you want on each OU for the computers, and you're
set. This is how we do our computers at our University. We have a
different OU for Labs, Offices, Laptops, Buidlings etc...
That way if you log onto an office computer that computer gets a
specific policy applied, like an Audit Policy for example. But if you
log onto a lab computer you'll get a different Audit Policy at that
computer.
Hope this helps........
 
[email protected] said:
Your best bet is to make seperate OU's for your various computers,
Assign the Policies you want on each OU for the computers, and you're
set. This is how we do our computers at our University. We have a
different OU for Labs, Offices, Laptops, Buidlings etc...
That way if you log onto an office computer that computer gets a
specific policy applied, like an Audit Policy for example. But if you
log onto a lab computer you'll get a different Audit Policy at that
computer.
Hope this helps........
Click to expand...

That would be a simple computer policy that will affect everyone who uses
that pc, including admins. Am I correct in thinking if I create a computer
policy it affects the user regardless of domain role/user policy. I need a
computer policy that is different for different users, or user policy that
changes depending on what computer the user logs into
 
Back
Top