Guest ME Posted August 5, 2008 Posted August 5, 2008 Here is the scenario: 2003 active directory with IT OU and Servers built-in OU. IT people in IT OU have a login script in a group policy at User Configuration/Windows Settings/Scripts/Logon folder. When IT people log into a PC the login script executes. However I don't want the login script execute when IT people log into the servers listed inside the Server OU. How do I make it work? I already selected Block Inheritance when I right click Servers OU but it did not prevent the login script from running at login. Thanks.
Guest Anthony [MVP] Posted August 6, 2008 Posted August 6, 2008 Re: Group Policy Me, The problem you have is that User policies run for the user, regardless of what OU the computer is in. You can set a loopback policy on the server OU: http://support.microsoft.com/kb/231287. This will tell the server to ignore the policies of the user and apply alternate user policies (which may be none). This is usually done for terminal servers. Anthony, http://www.airdesk.co.uk "ME" <ME@NoMailPlease.com> wrote in message news:Om96VO19IHA.4552@TK2MSFTNGP03.phx.gbl... > Here is the scenario: > > > > 2003 active directory with IT OU and Servers built-in OU. IT people in IT > OU have a login script in a group policy at User Configuration/Windows > Settings/Scripts/Logon folder. When IT people log into a PC the login > script executes. However I don't want the login script execute when IT > people log into the servers listed inside the Server OU. How do I make it > work? I already selected Block Inheritance when I right click Servers OU > but it did not prevent the login script from running at login. Thanks. > >
Guest ME Posted August 6, 2008 Posted August 6, 2008 Re: Group Policy THANKS! "Anthony [MVP]" <anthony@no-reply.com> wrote in message news:uoH2r859IHA.4892@TK2MSFTNGP05.phx.gbl... > Me, > The problem you have is that User policies run for the user, regardless of > what OU the computer is in. > You can set a loopback policy on the server OU: > http://support.microsoft.com/kb/231287. This will tell the server to > ignore the policies of the user and apply alternate user policies (which > may be none). This is usually done for terminal servers. > Anthony, > http://www.airdesk.co.uk > > > > "ME" <ME@NoMailPlease.com> wrote in message > news:Om96VO19IHA.4552@TK2MSFTNGP03.phx.gbl... >> Here is the scenario: >> >> >> >> 2003 active directory with IT OU and Servers built-in OU. IT people in >> IT OU have a login script in a group policy at User Configuration/Windows >> Settings/Scripts/Logon folder. When IT people log into a PC the login >> script executes. However I don't want the login script execute when IT >> people log into the servers listed inside the Server OU. How do I make >> it work? I already selected Block Inheritance when I right click Servers >> OU but it did not prevent the login script from running at login. >> Thanks. >> >>
Recommended Posts