![]() ![]() You could set a security so as to filter out Domain Admins? PaulGroup Policies will apply whether you are Domain Admin or not depending on if you have any securiy filtering in place. Can anyone help? I'm sure that I'm just missing something obvious!!! ![]() There are no other GPOs that are taking precedence over this GPO. I've even specifically added the domain admin into the local admin group but no luck. I've checked that Domain Admins is a member of the Local Administrators group on the PC. When I log in as a Domain Admin I still can't run any executables. This is as expected as I haven't added in any exceptions yet. When I go to the computers and log in as a non-administrator I can't run executables. I've set "Enforcement" to "All Users except local administrators" as well as "All software files except libraries (such as DLLs) I've set the Security levels to "Disallowed". I've gone to the Computer Configuration -> Windows Settings -> Security Settings -> Software Restriction Policies ![]() I've linked a GPO to an OU containing computers. The policy is applying however even domain administrators are being blocked and I can't figure out why. I am trying to apply a software restiction policy to a group of computers within an OU. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |