Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Group policy - Simple question for a experienced admin 2

Status
Not open for further replies.
hlauwers

hlauwers

Technical User
Aug 20, 2003
58
0
0
BE
Hi,

I just implemented group policy.
I've read alot about it and think I'am doing it the right way.

I have a group policy : "Laptop users". I would like that this policy is executed when the users logon to the network.
But i would like that when the users are at home the policy is NOT executed.

So now when they log in at home (userid/domain) the policy still is executed. (remembered i guess)

Letting users logon locally is not an option.

Anyone has a suggestion ?

thanks alot !

Greetz
H
 
Sort by date Sort by votes

So when your users log on at home, they are using a VPN to connect to the office network?

If they are logging into the domain and not the local machine, then domain level GPO's will be applied. I don't see a way around this since you stated that local log on is not an option.


Patty [ponytails2]
 
Upvote 0 Downvote
Right Patty!
GPO can be applied to machines and/or to users.
When a user logs on, doesn't matter from where, he is a user in that network and will have applied to it (if exist) the GPO user part.
The only choice then is to make a policy based on machines. Put your laptop computers in an OU and assign a policy to them.


Gia Betiu
gia@almondeyes.net
Computer Eng. CNE 4, CNE 5, MCSE Win2K
 
Upvote 0 Downvote
Hi Guys,

not all of the users are using VPN @ home.
So when they just log on, (not on the domain)group policy still is executed ? I would think that this only is possible when you can contact a domain controller during thelogin procedure.

Or does he remember the last gpo settings for the domain?


Greetz
H
 
Upvote 0 Downvote
If they aren't using vpn@home, are they not connecting from home? If that's the case, the solution is already here. Per the previous posts, create an OU for the people that are using vpn@home, the others shouldn't, matter. (Please clarify if I'm wrong, and good luck. We all need it.)((Here's a couple of stars for our stars, GrnEyedLdy and GiaBetiu!)) [2thumbsup]

Glen A. Johnson
Johnson Computer Consulting
"I only know that I know nothing."
Socrates (47-399 BC); Greek philosopher

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
 
Upvote 0 Downvote

"Letting users logon locally is not an option..."

Maybe I have misunderstood your post, but if they are not logging into the domain, then they must be logging on locally. If this is the case then domain level GPO's will not apply.

Patty [ponytails2]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Abdullah Al Maruf
  • Locked
  • Question
Telnet help for
Replies
2
Views
101
gbaughma
gbaughma
MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
77
ADB100
ADB100
goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
127
goombawaho
goombawaho
mangentle
  • Locked
  • Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
128
gbaughma
gbaughma
Teo En Ming
  • Locked
  • Question
Actions taken during Disaster Recovery for client whose IBM Megaraid controller has failed
Replies
2
Views
116
fightaccording
fightaccording

Part and Inventory Search

Sponsor

Back
Top