Yeah I missed that Users get that policy not Computers. Putting the user into a security group and putting deny on them would work but then the policy would do be the same on ALL computers they used not just the laptops.
Jon On Wed, Dec 17, 2008 at 10:46 AM, Micheal Espinola Jr < [email protected]> wrote: > Never tried it, but that sounds right to me. > > -- > ME2 > > > > On Wed, Dec 17, 2008 at 9:44 AM, Miller Bonnie L. > <[email protected]> wrote: > > Folder Redirection is a user-based policy, so wouldn't you need to > activate > > loopback policy processing to apply (deny) it to a computer account? > > > > > > > > -Bonnie > > > > > > > > From: Oliver Marshall [mailto:[email protected]] > > Sent: Wednesday, December 17, 2008 3:31 AM > > To: NT System Admin Issues > > Subject: RE: Disabling folder redirection on one machine > > > > > > > > Something is amiss. RSOP for my user account against the laptop in > question > > shows that teh folder redirection policy is (should be) being applied > even > > though that laptop has DENY against Apply Policy in the delegation tab :S > > > > > > > > Odd. > > > > > > > > From: Oliver Marshall [mailto:[email protected]] > > Sent: 17 December 2008 11:09 > > To: NT System Admin Issues > > Subject: RE: Disabling folder redirection on one machine > > > > > > > > Annoyingly, that doesn't work L > > > > > > > > I've put the computer in to a security group, put that group in the > > Delegation tab with an advanced property specifying "Apply Policy DENY", > but > > no end of rebooting for forcing an update causes the laptop in question > to > > NOT apply that policy. Any user logging on happily gets all the data > > synched. The event log on either box shows no errors relating to why the > GPO > > *IS* being applied. > > > > > > > > ARGH! > > > > > > > > Olly > > > > > > > > From: Jon Harris [mailto:[email protected]] > > Sent: 16 December 2008 12:06 > > To: NT System Admin Issues > > Subject: Re: Disabling folder redirection on one machine > > > > > > > > Put the laptops in a Security group put a deny on the security group from > > geting that policy but make sure it is the only thing in that policy you > > want affected! > > > > > > > > Jon (finally getting rid of my cold) > > > > On Tue, Dec 16, 2008 at 4:23 AM, Oliver Marshall > > <[email protected]> wrote: > > > > Hi chaps, > > > > Whats the best (read proper) way to disable folder redirection for any > user > > on one machine? We have a 2008/vista based network and we use folder > > redirection to keep the data on the servers. All good. However we have > some > > new laptops which will go out in the field and it's been decided that the > > users will need to be able to log on to the laptops as themselves (rather > > than using a dedicated local account on the laptop). However this in turn > > goes against the data policy which precludes laptops from having copies > of > > users profiles or company data on them (everything is to be access via > SSL > > web app). > > > > Is the best way to just add the computer name to the permissions of the > > folder redirection GPO and then set that permission to denied ? > > > > Olly 'got man cold' Marshall > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
