Group Policy for detached domain client

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Hi. I have a few laptops that are being used from home after hours. Users on
these laptops are made part of the local administrators group when they are
on the LAN by using group policy. Once they are off the LAN they log into
their machines as usuall but do not have administrative rights. Am I right in
saying that once the machine is off the network, the group policy does not
apply anymore, even though they are logged into the machine? And if so, how
to I fix it, apart from manually adding them to the local policy on each
machine?

Any assistance in this regard is appreciated, even a link to a document will
help very much.

Thanks up front,

Morne
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Once they are off the LAN they log into
> their machines as usuall but do not have administrative rights. Am I right
> in
> saying that once the machine is off the network, the group policy does not
> apply anymore, even though they are logged into the machine?


If they still log into the domain while not connected they will use cached
credentials and have the same privileges as if they actually logged into the
domain.
If they log in locally when not connected to the domain they the domain
group policy will not apply.



And if so, how
> to I fix it, apart from manually adding them to the local policy on each
> machine?


Remove their local login account. There is really no reason for them to log
in locally. This will force them to log in with cached credentials.


hth
DDS W 2k MVP MCSE

"Morne" <Morne@discussions.microsoft.com> wrote in message
news:13FC0DFD-EC2E-4B85-AB10-13FD45A861E2@microsoft.com...
> Hi. I have a few laptops that are being used from home after hours. Users
> on
> these laptops are made part of the local administrators group when they
> are
> on the LAN by using group policy. Once they are off the LAN they log into
> their machines as usuall but do not have administrative rights. Am I right
> in
> saying that once the machine is off the network, the group policy does not
> apply anymore, even though they are logged into the machine? And if so,
> how
> to I fix it, apart from manually adding them to the local policy on each
> machine?
>
> Any assistance in this regard is appreciated, even a link to a document
> will
> help very much.
>
> Thanks up front,
>
> Morne
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom