Advertisement
Hi everyone,<\/p>\n
I’m trying to figure out how to make something happen within group policy. Of course we have this huge group policy settings that contains msot everything about we want applied to our machines. However, I’ve another addition to our group policy that involves a custom version of IE7. While I want this to apply to all the workstations, I don’t want it to apply to the servers.<\/p>\n
Now, if I highlight just the policy concerning the IE7 deployment, and then click block inheritance on the server, does it block everything, or just that one policy? And if it does block everything, how do I get it to block only the IE7 and not the other.<\/p>\n
Any pointers appreciated.<\/p>\n
Rich<\/p>","upvoteCount":1,"answerCount":4,"datePublished":"2009-10-26T16:02:41.000Z","author":{"@type":"Person","name":"rmuniz9336","url":"https://community.spiceworks.com/u/rmuniz9336"},"acceptedAnswer":{"@type":"Answer","text":"
That’s easy then just link the IE7 GPO to the computers OU. That way it won’t touch your servers or DC’s.<\/p>\n
I wouldn’t mess with inheritance. For the most part that becomes useful when you are dealing with terminal servers.<\/p>","upvoteCount":0,"datePublished":"2009-10-26T16:22:54.000Z","url":"https://community.spiceworks.com/t/trying-to-make-this-happen-in-group-policy/34407/4","author":{"@type":"Person","name":"jeffford","url":"https://community.spiceworks.com/u/jeffford"}},"suggestedAnswer":[{"@type":"Answer","text":"
Hi everyone,<\/p>\n
I’m trying to figure out how to make something happen within group policy. Of course we have this huge group policy settings that contains msot everything about we want applied to our machines. However, I’ve another addition to our group policy that involves a custom version of IE7. While I want this to apply to all the workstations, I don’t want it to apply to the servers.<\/p>\n
Now, if I highlight just the policy concerning the IE7 deployment, and then click block inheritance on the server, does it block everything, or just that one policy? And if it does block everything, how do I get it to block only the IE7 and not the other.<\/p>\n
Any pointers appreciated.<\/p>\n
Rich<\/p>","upvoteCount":1,"datePublished":"2009-10-26T16:02:41.000Z","url":"https://community.spiceworks.com/t/trying-to-make-this-happen-in-group-policy/34407/1","author":{"@type":"Person","name":"rmuniz9336","url":"https://community.spiceworks.com/u/rmuniz9336"}},{"@type":"Answer","text":"
Do you have your computers & servers separated within AD with their own OU? Your domain controllers already are in their own OU so in the GPMC select your GPO that has the IE7 customizations and then in the Location choose just your workstation OU instead of your entire domain.<\/p>\n
As far as I know blocking inheritance blocks all GPO’s above that OU except the enforced ones. I wouldn’t recommend doing that.<\/p>","upvoteCount":0,"datePublished":"2009-10-26T16:14:43.000Z","url":"https://community.spiceworks.com/t/trying-to-make-this-happen-in-group-policy/34407/2","author":{"@type":"Person","name":"jeffford","url":"https://community.spiceworks.com/u/jeffford"}},{"@type":"Answer","text":"
They’re all in there own seperate little OUs, Computers in one, servers in another, and of course DC in a third.<\/p>","upvoteCount":0,"datePublished":"2009-10-26T16:17:17.000Z","url":"https://community.spiceworks.com/t/trying-to-make-this-happen-in-group-policy/34407/3","author":{"@type":"Person","name":"rmuniz9336","url":"https://community.spiceworks.com/u/rmuniz9336"}}]}}