Apply group policies per machine

Yesterday, in a windows network and resource planning session, i’ve realized that my company have the need of segmentation for computer and lan usage, depending on department user affiliation.
In our case the policy to be applied must be per machine instead the usual per-user policy.

For the first moment we get in trouble. In fact the usual group policy we have ever applied was per-user(it’s simple by the windows server mmc snap-in).

I found some links very useful:

The trick is  on a particular field of Group Policy options: group policy Loopback Processing

Link from microsoft:

With this option we gain a process of policy application with very interesting results, in fact the policies were applied to a user on a particular location(computer). In this case the GP object must be linked on a computer object on the domain tree enclosed (in case) inside  organizational unit.

N.b.  after the link of a GPO to an OU, on the physical machine the best is to run the command  gpupdate /force, to apply the changes fast. Another tool to verify the results is “gpresults” always by command line.


~ di diegotech su ottobre 12, 2009.


Inserisci i tuoi dati qui sotto o clicca su un'icona per effettuare l'accesso:


Stai commentando usando il tuo account Chiudi sessione /  Modifica )

Google+ photo

Stai commentando usando il tuo account Google+. Chiudi sessione /  Modifica )

Foto Twitter

Stai commentando usando il tuo account Twitter. Chiudi sessione /  Modifica )

Foto di Facebook

Stai commentando usando il tuo account Facebook. Chiudi sessione /  Modifica )


Connessione a %s...

%d blogger hanno fatto clic su Mi Piace per questo: