There is a checkbox in the ACL to grant that group the right to Apply this Policy as well as Read. You want both of those.
Thanks, Brian Desmond [email protected] c - 312.731.3132 Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian From: Tom Miller [mailto:[email protected]] Sent: Tuesday, September 01, 2009 2:20 PM To: NT System Admin Issues Subject: GPO filtering I have a need to create a GPO that will run an install. The install file is an MSI for Terminal Server application access for several applications. The issue I am having is security filtering. I want the GPO to apply to a group of users. If I remove "authenticated users" and add the group, nothing happens. Group Policy modeling lists the GPO as denied and inaccessible. If I add the specific PCs, this works. Looking at my various books there is no mention of the requirement to add workstations or workstation groups the GPO security to get it to work. Suggestions? Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
