I do exactly this, it's awesome. From: Ziots, Edward [mailto:[email protected]] Sent: Thursday, October 13, 2011 5:37 AM To: NT System Admin Issues Subject: RE: Has anyone tried to add a local account on a server to a restrictive Group via GPO?
I will take a look at it today, going to test out my GPO's before putting them on the production system. Kinda why I tell folks not to use local accounts, but sometimes stuff sneaks through and its typically vendor related. Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 [cid:[email protected]] From: Christopher Bodnar [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Wednesday, October 12, 2011 4:42 PM To: NT System Admin Issues Subject: Re: Has anyone tried to add a local account on a server to a restrictive Group via GPO? Have you seen this? http://social.technet.microsoft.com/Forums/en-US/winserverGP/thread/64d9a801-5281-487c-8d14-1b092c0dffcf/ It looks like you should be able to do this through GPO Restricted Groups, or using Preferences. Chris Bodnar, MCSE, MCITP Technical Support III Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: [email protected]<mailto:[email protected]> Phone: 610-807-6459 Fax: 610-807-6003 From: "Ziots, Edward" <[email protected]<mailto:[email protected]>> To: "NT System Admin Issues" <[email protected]<mailto:[email protected]>> Date: 10/12/2011 03:38 PM Subject: Has anyone tried to add a local account on a server to a restrictive Group via GPO? ________________________________ Trying to add a local user to a restrictive groups GPO ( its on the server for an application) I am wondering if that can even be done ( unless you modify the GPO from the server that has the local account in question) As for the local account ( silly Healthcare application, don't ask long story about inability on vendors part to set proper DCOM permissions) Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
<<inline: image001.jpg>>
