I have 2 OUs containing computers. One contains just a special lab computers and the other all the rest of the computers on campus. I have 2 user OUs and groups. One contains all students and one teachers. I need to have a GPO that applies to all students but only when they log on to a computer that is NOT in the special lab. If they log into a special lab computer, I do not want any GPO applied. I have not been able to get this to work. I have tried putting a GPO linked to the non special lab OU and security filtered it to the student group. This does not apply to either computer or user settings. Tried with loopback and still nothing. I tried to link the GPO to the student OU, and security filtered on non-special lab group and that seems not to work either. If I remove the authenticated user, it doesn’t apply to any, if I leave authenicated users or student group, it seems to apply regardless of which computer they log on to, even with the computer group filter.
Any help in how to accomplish this will be greatly appreciated.
Thanks, Art W.
