Group Policy

  • Thread starter Thread starter ME
  • Start date Start date
M

ME

Guest
Here is the scenario:



2003 active directory with IT OU and Servers built-in OU. IT people in IT
OU have a login script in a group policy at User Configuration/Windows
Settings/Scripts/Logon folder. When IT people log into a PC the login
script executes. However I don't want the login script execute when IT
people log into the servers listed inside the Server OU. How do I make it
work? I already selected Block Inheritance when I right click Servers OU
but it did not prevent the login script from running at login. Thanks.
 
Re: Group Policy

Me,
The problem you have is that User policies run for the user, regardless of
what OU the computer is in.
You can set a loopback policy on the server OU:
http://support.microsoft.com/kb/231287. This will tell the server to ignore
the policies of the user and apply alternate user policies (which may be
none). This is usually done for terminal servers.
Anthony,
http://www.airdesk.co.uk



"ME" <ME@NoMailPlease.com> wrote in message
news:Om96VO19IHA.4552@TK2MSFTNGP03.phx.gbl...
> Here is the scenario:
>
>
>
> 2003 active directory with IT OU and Servers built-in OU. IT people in IT
> OU have a login script in a group policy at User Configuration/Windows
> Settings/Scripts/Logon folder. When IT people log into a PC the login
> script executes. However I don't want the login script execute when IT
> people log into the servers listed inside the Server OU. How do I make it
> work? I already selected Block Inheritance when I right click Servers OU
> but it did not prevent the login script from running at login. Thanks.
>
>
 
Re: Group Policy

THANKS!

"Anthony [MVP]" <anthony@no-reply.com> wrote in message
news:uoH2r859IHA.4892@TK2MSFTNGP05.phx.gbl...
> Me,
> The problem you have is that User policies run for the user, regardless of
> what OU the computer is in.
> You can set a loopback policy on the server OU:
> http://support.microsoft.com/kb/231287. This will tell the server to
> ignore the policies of the user and apply alternate user policies (which
> may be none). This is usually done for terminal servers.
> Anthony,
> http://www.airdesk.co.uk
>
>
>
> "ME" <ME@NoMailPlease.com> wrote in message
> news:Om96VO19IHA.4552@TK2MSFTNGP03.phx.gbl...
>> Here is the scenario:
>>
>>
>>
>> 2003 active directory with IT OU and Servers built-in OU. IT people in
>> IT OU have a login script in a group policy at User Configuration/Windows
>> Settings/Scripts/Logon folder. When IT people log into a PC the login
>> script executes. However I don't want the login script execute when IT
>> people log into the servers listed inside the Server OU. How do I make
>> it work? I already selected Block Inheritance when I right click Servers
>> OU but it did not prevent the login script from running at login.
>> Thanks.
>>
>>
 
Back
Top