LinkBack URL
About LinkBacks
Reply With QuoteSince you already have the users you want excluded in a security group, the simplest way to deny the policy would be to go to the Delegation tab in the GPMC add the security group and set the 'Apply group policy' permission to Deny.
Getting Started on GPanswers.com
Scripting newbie needs help
Background info first.
We have an Main OU with several Sub OU's. All GPO's except the ones designed specifically for the sub OU are applied in the Main OU. General GPO's include Applications and Drive mappings. Specific ones are Printers for specialty software.
Now for the problem.
I have a drive mapping GPO that is applied to the whole container. Now we want to deny it to one specific security group which includes all users in one of the sub OU's but we do not want to block inheritance of the rest of our GPO's so I am trying to write a WMI script. I know it should say something like:
SELECT * from Win32_{something} WHERE {variable} [=,>,<,is, etc] {desired result}
but I am unsure how to fill in the blanks to deny a security group.
I would appreciate any and all help
100+ Helpful Posts!
50+ Helpful Posts
Since you already have the users you want excluded in a security group, the simplest way to deny the policy would be to go to the Delegation tab in the GPMC add the security group and set the 'Apply group policy' permission to Deny.
Posting Permissions