I have a question regarding the way GPOs get processed. I have a windows 2003 domain and all workstation are xp sp2. My OU structure is very simple. I have an OU called CompanyUSERS and all user are located in this ou. I have another OU for compuetrs and another ou for security groups. The way i implement user policy is by; linking all GPOs to the Compnayuser OU and then i filter all the GPO by security group. For the most part the gpos are mainly used to map dept shared drives, so basically i create a group for the dept, add the users to the group, then create a simple .bat script to map the dept shared drive and link it to the gpo. Then I remove authenticated users from the permissions of the gpo and add the secutrity group with read and apply group policy permssion. My questions is; when a user logs in, does the login look at all of the gpos in that OU regardless of whether they have permission to apply the policy? Attached is a screen shot of my gpo mmc.
You must be logged in to reply to this topic.
Create a free account today to participate in forum conversations, comment on posts and more.