Q: Can a user be a member of two OUs and policies would apply based on the hierarchy of the OUs?
Example: User Bob is a member of Domain Users and Terminal Users groups. When he is in the office, he logs in to the network from his laptop and uses network resources. When he is out of the office (out of state), he logs into his laptop with cached credentials and then uses Remote Desktop Connection to log into our terminal servers.
There are obviously two seperate policies for Domain Users that log into the network and for Terminal users that log in remotely. One is basic and the latter is very restrictive (cant view C:/, cant save passwords).
Is this possible?
Example: User Bob is a member of Domain Users and Terminal Users groups. When he is in the office, he logs in to the network from his laptop and uses network resources. When he is out of the office (out of state), he logs into his laptop with cached credentials and then uses Remote Desktop Connection to log into our terminal servers.
There are obviously two seperate policies for Domain Users that log into the network and for Terminal users that log in remotely. One is basic and the latter is very restrictive (cant view C:/, cant save passwords).
Is this possible?