Archived from groups: microsoft.public.win2000.group_policy (
More info?)
That is true. I had the impression that the server would only offer shares to the
sales group and a deny to the server would protect from unauthorized access in case
of a share/ntfs permissions being to permissive or to browse Computer
anagement. --- Steve
"Ken" <anonymous@discussions.microsoft.com> wrote in message
news:1940101c44c92$a43f8920$a001280a@phx.gbl...
> That might be a little overboard (and wouldn't work if
> the same server offered shares to the technical group).
> Perhaps just NTFS/share permissions would work better for
> this situation?
>
> Just an idea..
> Ken
>
> >-----Original Message-----
> >Create a group and add all the users from the technical
> OU to the group. Then on the
> >servers offering shares to the sales OU you do not want
> them to access, add that
> >group to the user right for "deny access to this
> computer from the network". You
> >could do that in the Local Security Policy of each
> server or at the OU level via a
> >GPO if all the servers are in an OU structure. --- Steve
> >
> >
> >"shoeb" <shoeb@edi-technology.com> wrote in message
> >news:747B9BA2-9E83-4D43-A20C-
> D0EA49ED5EF3@microsoft.com...
> >> i have a main OU EDI with 2 child OU Sales and
> technical. I want to restrict the
> >users in technical OU from accessing the shared
> resources in Sales OU.
> >>
> >> i tried by adding one technical OU user into Sales
> Security in group policy and
> >applied deny all. but this doesnt work
> >>
> >> any help will be appreciated
> >
> >
> >.
> >