Excluding a specific machine from Group Policy - Server Essentials 2012
Server OS: Server Essentials 2012 Client OS Windows 8.1
I have a domain set up using SE 2012 and have used the group Policy wizard to apply Folder Redirection and "Security Settings".
Can I make an exception for a specific machine so that Folder Redirection and Windows Update settings are not applied for that machine.
Solution 1:
Yes. There a few basic approaches to his problem.
- Organization Units (OUs)
- You can use OUs to control which computers get which policies, either by linking different group policies to different OUs, or by blocking inheritance in some OUs.
- You can use OUs to control which computers get which policies, either by linking different group policies to different OUs, or by blocking inheritance in some OUs.
- Filtering
- You can use either WMI filtering or Security Filtering to force GPOs to apply or not apply to given computer and/or user object(s).
- You can use either WMI filtering or Security Filtering to force GPOs to apply or not apply to given computer and/or user object(s).
-
Group Policy Precedence
- Not all group policy objects have the same precedence. You can use this to have a desired group policy effectively overrule an undesired one.
Solution 2:
You can use the Delegation-tab of the policy you want to exclude and add the computer you do not want to apply the policy to, to the list. Select the server on the Delegation tab, click the 'Advanced' button, and set the 'Apply Group Policy' setting to 'Deny'. Now, this server is excluded from this policy without moving it or blocking inheritance.