Excluding a specific machine from Group Policy - Server Essentials 2012

group-policy windows-server-essentials

Server OS: Server Essentials 2012 Client OS Windows 8.1

I have a domain set up using SE 2012 and have used the group Policy wizard to apply Folder Redirection and "Security Settings".

Can I make an exception for a specific machine so that Folder Redirection and Windows Update settings are not applied for that machine.


Solution 1:

Yes. There a few basic approaches to his problem.

  1. Organization Units (OUs)
    • You can use OUs to control which computers get which policies, either by linking different group policies to different OUs, or by blocking inheritance in some OUs.

  2. Filtering
    • You can use either WMI filtering or Security Filtering to force GPOs to apply or not apply to given computer and/or user object(s).

  3. Group Policy Precedence
    • Not all group policy objects have the same precedence. You can use this to have a desired group policy effectively overrule an undesired one.

Solution 2:

You can use the Delegation-tab of the policy you want to exclude and add the computer you do not want to apply the policy to, to the list. Select the server on the Delegation tab, click the 'Advanced' button, and set the 'Apply Group Policy' setting to 'Deny'. Now, this server is excluded from this policy without moving it or blocking inheritance.

Related

Is it possible to normalize "double-dots" URL using nginx?
Removing ADLDS in Windows Server
Why does VPN IPSec client use UDP?
openvpn: crl has expired?
Where does Add-VpnConnectionRoute store its information
"Issued certificate not yet valid." with wget?
Recreate containers with no downtime in docker-compose
How can my app detect a change to another app's window?
How do I use AVFoundation to crop a video
Implementing Google Translate with custom flag icons
Extending RelativeLayout, and overriding dispatchDraw() to create a zoomable ViewGroup
Train Tensorflow Object Detection on own dataset