G
Guest
In a Windows 2003/Windows XP environment Im trying to configure a new GPO to
control my end users local group membership. The goal is simple. I want to
place each end user into the Network Configuration Operators local group on
their respective Windows XP computers.
I have figured out how to add specific users into local groups using
Restricted Groups in my GPO. Using this method I can add my own domain
account for example to the local Administrators group on each machine in the
OU I have applied this policy to.
But how would I add each user to their own local group using GPO? My GPO is
linked to an OU which contains multiple computers and users. Using the
Resticted Groups method I described above I have been able to add my account
to the local Administrators group on ALL computers in the OU. Where I have
come up short is finding a way to add a individual domain account to the
local group on each individual computer in the OU.
Here is the goal.
OU>Computer 1>Local Group>User 1
Ou>Computer 2>Local Group>User 2
Etc
Etc
I want to place only User 1's domain account into the local group on only
Computer 1. If I use the GPO I have now I would add User 1's account to the
local grou on all computers in the OU. Is there anyway to narrow it down more?
Thanks for the help.
control my end users local group membership. The goal is simple. I want to
place each end user into the Network Configuration Operators local group on
their respective Windows XP computers.
I have figured out how to add specific users into local groups using
Restricted Groups in my GPO. Using this method I can add my own domain
account for example to the local Administrators group on each machine in the
OU I have applied this policy to.
But how would I add each user to their own local group using GPO? My GPO is
linked to an OU which contains multiple computers and users. Using the
Resticted Groups method I described above I have been able to add my account
to the local Administrators group on ALL computers in the OU. Where I have
come up short is finding a way to add a individual domain account to the
local group on each individual computer in the OU.
Here is the goal.
OU>Computer 1>Local Group>User 1
Ou>Computer 2>Local Group>User 2
Etc
Etc
I want to place only User 1's domain account into the local group on only
Computer 1. If I use the GPO I have now I would add User 1's account to the
local grou on all computers in the OU. Is there anyway to narrow it down more?
Thanks for the help.