Adding Authorization Controlled Domain Groups: Difference between revisions

@@ Line 22: / Line 22: @@
 ** For example: Boss Laser Authorized
 * Create an Authorizer security group
 ** For example: Boss Laser Authorizer
+** NOTE: Now is a good time to add all Authorizer (likely danger committee users) to this group.
 === 2) Django Steps ===
@@ Line 33: / Line 34: @@
 === 3) Group Policy Steps ===
-(WIP)
 * Create a new group policy and place it in the OU you originally created
-* Edit this new group policy
+* Edit new group policy with the following selection
+** Computer Configuration
+*** Policies
+**** Windows Settings
+***** Security Settings
+****** Local Policies / User Rights Assignment
+******* (Policy) Allow Log On Locally
+******** (Setting) PS1\Domain Admins, PS1\[Authorizer Security Group], PS1\[Authorized Security Group], BUILTIN\Administrators, BUILTIN\Administrators
+****** Local Policies / Security Options
+******* (Policy) Interactive Logon: Do not require CTRL+ALT+DELETE
+********(Setting) Disabled
+****** Restricted Groups
+******* (Group) PS1\[Authorizer Group]
+******** (Member Of) BUILTIN\Administrators
+** User Configuration
+*** NONE
+Here is an example of how the GPO should look.
+[[File:BossGroupPolicy.png|Example of group polciy]]
+== Final Notes ==
-* LIST CHANGES HERE
+To finalize the changes, it is recommended you reboot the affected computer, or run "gpupdate /force" from a command prompt.