General discussion

Locked

GPO on P2P network

By j9lemmon ·
I have a P2P network with 3 computers running XP Pro. I am using GPO to set user configurations, but they are applying to all users. Is it possible to create different GPO settings for each user on a P2P network? If so, what are the steps?
I know this can be done in a client/server network using OUs; don't know if it's possible in P2P network.
I'd even be willing to do the GPOs one computer at a time, if I can create different settings for different users.
Thanks very much.
John Lemmon

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by BFilmFan In reply to GPO on P2P network

For settings set in Computer Configuration, you will need a domain and OU.

For settings set in User Configuration, you can configure those in either a P2P or a domain.

So the answer is it depends on which settings you are wanting to configure.

Collapse -

by jm In reply to GPO on P2P network

Multiple GPO assignments are indeed a function of Active Directory, otherwise you are stuck with a single local policy object. How do the functions vary between users?

You may be able to use security groups. Note that many of the settings in the policy objects allow you to specify a security group (administrators, etc.) rather than giving an option to all users.

Collapse -

by jm In reply to

Based on your requirements, I think creating separate policy objects is overkill. If you use the built in security groups, such as administrator, power user, and user, you can effectively restrict access to damaging functions within control panel and my computer. You can also use these to prevent the user from running certain applications, and from deleting files from critical portions of the hard drive. Then you can further use the policy objects to indicate what specific groups should be able to do.

The only instance I'd recommend a tighter level of control might be in a kiosk type of application where you did not want the user to see the operating system at all. However, this type of application would require the administrator to manage the policies remotely.

Collapse -

by j9lemmon In reply to GPO on P2P network

Additional information:
1) I am working with User Configuration
2) The settings need to vary from highly restrictive (No access to control panel & My Computer) to completely unrestricted for administrator.
JL

Collapse -

by CG IT In reply to GPO on P2P network

well Local Group Policy isn't much different than domain Group Policy. The problem your having is that your editing the default local group policy that applies to all rather than creating OUs, putting users into those OUs, creating a GPO you want that set of users to have, then linking the GPO to the OU.

Collapse -

by CG IT In reply to

just kidding! OUs are a componet of Active Directory and not a local machine policy. The use of a user profile is probably the way to go creating a .man file with all the configurations you want for the user.

Back to Windows Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums