Archived from groups: microsoft.public.win2000.group_policy (More info?)
Hi,
I'm working in a 2003 domain with XP clients. I'm trying to use a Group
Policy with the Restriced Policy set up so when a member belonging to a
particular OU logs on to a workstation, it makes them part of the local
admin group. From what I've been reading in newsgroups I think I'm on the
right track but it doesn't seem to be working.
Below are details of what I've done so far:
1) On a server with GPMC installed, I've created an OU called HelpDesk. All
users within this OU are part of a security global group I've created called
HelpDesk and have standard Domain User rights.
2) For this OU I've created a GP which I've called "Add helpdesk users to
local admin group".
3) In this GP I went to Restriced Groups and added a group called
"Administrators".
4) I then went into the properties of this under the "Members of this group"
section where I added the "HelpDesk" group. In the this section it now
displays "domain1\Helpdesk". (NB I understand this setting, when working,
over writes and exisiting user in the group so I would add these in again as
part of this policy.)
When I now log in a user who's part of HelpDesk it does not to add this
group to the local admin group. I have some other policies running (ie to
all Helpdesk to join a domain) and these are working. DNS is also installed
and working correctly.
Can anyone see where I'm going wrong? If you need any more info please let
me know.
Thanks,
Curtis.
====================================
When replying by email please remove the X
====================================
Hi,
I'm working in a 2003 domain with XP clients. I'm trying to use a Group
Policy with the Restriced Policy set up so when a member belonging to a
particular OU logs on to a workstation, it makes them part of the local
admin group. From what I've been reading in newsgroups I think I'm on the
right track but it doesn't seem to be working.
Below are details of what I've done so far:
1) On a server with GPMC installed, I've created an OU called HelpDesk. All
users within this OU are part of a security global group I've created called
HelpDesk and have standard Domain User rights.
2) For this OU I've created a GP which I've called "Add helpdesk users to
local admin group".
3) In this GP I went to Restriced Groups and added a group called
"Administrators".
4) I then went into the properties of this under the "Members of this group"
section where I added the "HelpDesk" group. In the this section it now
displays "domain1\Helpdesk". (NB I understand this setting, when working,
over writes and exisiting user in the group so I would add these in again as
part of this policy.)
When I now log in a user who's part of HelpDesk it does not to add this
group to the local admin group. I have some other policies running (ie to
all Helpdesk to join a domain) and these are working. DNS is also installed
and working correctly.
Can anyone see where I'm going wrong? If you need any more info please let
me know.
Thanks,
Curtis.
====================================
When replying by email please remove the X
====================================
Facebook
Twitter
Instagram