GPO and Computer / User configuration

  • Thread starter Thread starter Guest
  • Start date Start date
Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

I am new to AD so I need some guidence. I have created an
OU and only assigned users to this OU. No groups, no
computers. I place users directly into the OU. I then
created an GPO for this OU and in the computer
configuration > Windows Settings > Security Settings >
Local Policys > Security Options > MessageText for Users
attempting to Logon section of GPO I set it to display a
login window. Well as you can imagin this login window
did NOT get displayed. When I added a computer to this OU
and the logon window was then displayed on this computer
only.

My question is why? What if I want to setup a romaning
profile and would display this login banner that is
associated to a user no matter what computer they log
into? Does the computer settings section of a GPO only
apply to the computers associated with that OU and not to
the user who is logging in?
 
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Items set in the Computer Configuration area of a Group Policy are specific
to Computers...
Items set in the User Configuation area of a Group Policy are specific to
Users...

By default when you set up a Group Policy Object the security on the GPO is
set to "Authenticated Users" (Authenticated Users has "Read" and "Apply
Group Policy") ... Do not let this confuse you... "Authenticated Users"
means both users and computers... It should really say "Authenticated
Objects" (i.e. objects with usernames and passwords... which user and
computer accounts both have... computers are simply handled silently)...

So, by placing the computer into the OU... the setting, which was in the
computer configuration area was functionally pushed down to the computer
object in that ou...

If you want a computer based setting to be associated with a specific user
or group... look up "loopback processing" and see how thing functionality
will help...

"smoszkowicz" <smoszkowicz@pacorinc.com> wrote in message
news:1874d01c41b23$fea46b10$a401280a@phx.gbl...
> I am new to AD so I need some guidence. I have created an
> OU and only assigned users to this OU. No groups, no
> computers. I place users directly into the OU. I then
> created an GPO for this OU and in the computer
> configuration > Windows Settings > Security Settings >
> Local Policys > Security Options > MessageText for Users
> attempting to Logon section of GPO I set it to display a
> login window. Well as you can imagin this login window
> did NOT get displayed. When I added a computer to this OU
> and the logon window was then displayed on this computer
> only.
>
> My question is why? What if I want to setup a romaning
> profile and would display this login banner that is
> associated to a user no matter what computer they log
> into? Does the computer settings section of a GPO only
> apply to the computers associated with that OU and not to
> the user who is logging in?
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom