Win2k group policies

[imhotepmp]

Im in MMC Local Computer Policy-->User Configuration->Administrative Templates-->Desktop(or any other option)

The problem is that when I set something it applies to the Admin account. How can I specify which groups to apply these policies to?

also any good books that could help me out?
thanks

imhotepmp

 

[AndyHui]

Run GPEDIT.MSC in therun dialog to start the Group Policy Editor.

 

[imhotepmp]

<< Run GPEDIT.MSC in therun dialog to start the Group Policy Editor. >>



and then what?

I dont think it matters whether I add the snap-in in the mmc or just run gpedit.msc, it will give me the same options, right?(besides I tried that already )
My problem is that I want to enable the Admin group do bypass the gp settings? Is there anyway to do that?

imhotepmp

 

[StuckMojo]

hmm...kindof a silly question but, how to you get to these policies now from the start menu or whatever? NT4 had an entry for it, but it seems win2k doesnt...

i would have expected to find it in &quot;Computer Management&quot; or &quot;Administrative Tools&quot;, but its not there.

hmm...is it because my server isnt a domain controler?

BTW, gpedit.msc brings it up....but there must be a shorcut or entry for it somewhere...

 

[StuckMojo]

BTW, this might answer your question imhotepmp:

from a windows help search on &quot;policy&quot; (of all places!):

Using security groups to filter Group Policy
Because Group Policy can apply settings from more than one Group Policy object to a site, domain, or organizational unit, you can add Group Policy objects that are associated with other directory objects. You can also prioritize how these Group Policy objects affect the directory object to which they are applied.

In Windows 2000, computers can belong to security groups. Administrators can use security groups to further refine which computers and users a Group Policy object influences. For any Group Policy object, administrators can filter the Group Policy object's effect on computers that are members of specified security groups. This filtering occurs using the standard access control list (ACL) editor. To use the ACL editor, click a Group Policy object's property sheet, and then click Security. The ACL editor can also be used by administrators to delegate who can modify the Group Policy object.

 

[imhotepmp]

arghh!!!

dp

imhotepmp

 

[imhotepmp]

stuckmojo in order to get to these policies you open up a console and add the gp snap in.
run mmc
then add group policy snap in
ps. thanks for the help I undterstand the concept but how do I implement security grooups?



imhotepmp

 

[StuckMojo]

how do you &quot;add the snapin&quot;?

i think i found out how to put it in admin tools...there are some extra admin tools on the server cd that you have to install separately, and that adds an entry (among others) for group policy editor.

as far as implementing the security groups, i *think* you have to have active directory installed. (i surmise this from the snippets i read in the windows help)

i would suggest examining the (normally crappy) windows help, as it seems to have rather extensive information on active directory and group policies.

 

[imhotepmp]

not at home right now, wil go home and check my computer with win2k o it and let you know


imhotepmp

 

[imhotepmp]

after running mmc
go to console>add/remove snap-in(ctrl-m)>Add>Group Policy
lmk if this works


imhotepmp

 

[StuckMojo]

ahhh..i got it. i never just ran mmc. i would get to it by going to &quot;computer management&quot; or something similar

so there is no shorcut by default set up anywhere for group policy then.