Archived from groups: microsoft.public.win2000.group_policy (More info?)
Can someone please tell me how to get group policy to work with a security user group (or tell me whether one can use GP to work with user groups at all)? Here is what I did to set up things up. In AD I created an OU called Special Users and I dragged the “Special Users� security group from the “Users� folder in AD to this OU. I created a group policy object for this OU. Then I followed these directions on Microsoft’s website with the title “To filter the scope of Group Policy according to security group membership� to try to get the GP to apply towards this “Special Users� group:
1. In the console tree, I right-clicked the icon or name of the Group Policy object, and then clicked Properties.
2. I then clicked the Security tab, and I added the Special Users group.
3. In the Permissions box for the selected security group (in this case the “Special Users�, I selected the “Allow� check box next to “Apply Group Policy� and “Read�. I also cleared the “Allow� check boxes next to “Apply Group Policy� for the “Authenticated Users� group.
I did the above configuration according to the table on this website: http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/windowsserv/2003/standard/proddocs/en-us/Filter.asp
After all of that, I login as a member of the “Special Users� group, but nothing happened. Please note that if I put the users themselves into the OU I had created, everything works like a champ. It is only when I use the security group in the OU that things don’t work as planned.
Can someone please tell me how to get group policy to work with a security user group (or tell me whether one can use GP to work with user groups at all)? Here is what I did to set up things up. In AD I created an OU called Special Users and I dragged the “Special Users� security group from the “Users� folder in AD to this OU. I created a group policy object for this OU. Then I followed these directions on Microsoft’s website with the title “To filter the scope of Group Policy according to security group membership� to try to get the GP to apply towards this “Special Users� group:
1. In the console tree, I right-clicked the icon or name of the Group Policy object, and then clicked Properties.
2. I then clicked the Security tab, and I added the Special Users group.
3. In the Permissions box for the selected security group (in this case the “Special Users�, I selected the “Allow� check box next to “Apply Group Policy� and “Read�. I also cleared the “Allow� check boxes next to “Apply Group Policy� for the “Authenticated Users� group.
I did the above configuration according to the table on this website: http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/windowsserv/2003/standard/proddocs/en-us/Filter.asp
After all of that, I login as a member of the “Special Users� group, but nothing happened. Please note that if I put the users themselves into the OU I had created, everything works like a champ. It is only when I use the security group in the OU that things don’t work as planned.