Posts
I will be making a group policy so whoever logs in will have restrictions to the control panel, this will only occur for one (OU organization unit).
First I will open up active directory users and computers.
This is a blank canvas; nothing has been edited in AD (Active Directory). I will start by making a OU, this is done by right clicking the domain on the left and click new then OU.
I will call the OU limited accounts, now the OU will be created. Now I need to create users, I will right click my OU and click new then user. Then I will just fill in the details of the user such as username and password and name, I am only doing one user for demonstration purposes.
Now the user is created I will now start to create the policy, I will right click on the OU and then click on properties. There is a group policy tab; this is where all the policies for this OU will be stored. I will now click new, I will call the policy limit and then click the no override box, and this means other policies cannot override this object.
To edit the policy to limit the control panel I will click edit, click under user configuration and click under administrative templates, there is a section called control panel open that up and then enable the option (prohibit access to the control panel)
Now I’m done, now to test it out.
I will log out and then log in as test and see if it has worked, as you can see on the screenshot there is no control panel available to that user in that OU.
0 Comments:
Post a Comment