|
Posted by tin on July 27, 2007, 3:08 pm
Please log in for more thread options I came across this one policy but wasn't sure what it for.
Thank you so much for all you guys help!
>> Interesting. I have always simply added the groups to the computers'
>> local Adminstrators group. The same thing could be done by adding
>> Administrators to the "Restricted Groups" setting and specifying the
>> delegated group.
>>
>> This setting is under:
>>
>> Computer Configuration
>> Windows Settings > Security Settings > Restricted Groups
>
> Just to be clear, the way one would do this, add a domain group
> named for example OuControllers to the Administrators group
> on all machines in the OU, is to add a Restricted Group definition
> in a GPO linked to that OU. The Restricted Group definition would
> be for the group OuControllers, one would leave the Members list
> empty (not set) and would type in Administrators as the one entry
> in the Member-Of list.
>
> Roger
>
>>> Hello, I've delegated full controll to a security group to an OU, but
>>> that
>>> group still not able to manage computers remotely. For instance, they
>>> cannot
>>> perform administrative tasks on computers in that are in this OU. I know
>>> I
>>> can run a script to add this security group to all the active computers
>>> in
>>> that OU but I just wanted to know if there's another way to do this? I
>>> dont
>>> think you can automate this through GPO though, but I could be wrong.
>>>
>>> Thanks,
>>> TC
>>
>>
>
>
| 
XML Sitemap