Hi,
I got the following setup of our OUs. Company with 200+ employees, starting integrating AD with Policies.
Every Employee Group (Workgroup) has her own Computers. We are using Windows-Server 2008.
OU Setup:
OU Computers
-- OU WorkgroupA
-- OU WorkgroupB
OU Users
-- OU WorkgroupA
-- OU WorkgroupB
OU Computers contains sup-ous with computers in there.
OU Users contains sup-ous with Users and Usergroups in there.
So i created a Folder-Redirection GPO and linked to the Main-Ou "OU Users", Security Filtering is on default "Authenticated Users". This is working fine. All Users get the Redirection Rule on all PCs. (Only User-Specific Settings)
Now i want to create an GPO which allows a specific group to have admin rights on their Computers.
For example:
User "User1" from sup OU "OU WorkgroupB" (Under "OU Users") should be able to gain admin-rights on computers located in sup-ou "OU WorkgroupB" (Under "OU Computers").
So, i thinked and created the GPO with the admin-rights and linked them to the "OU WorkgroupB" under Computers. That doesn't work. i also tried to link them additionally to the OU Users.
I also tried to create a security-global group containing "User1" and added this group under the Scope of the gpo.
How should i create those GPO?
I hope somebody can help me/us.
- Edited by Marcwa19197 Friday, June 19, 2015 5:42 PM