Adding Authorization Controlled Domain Groups: Difference between revisions

Browse history interactively

← Older edit

VisualWikitext

@@ Line 22: / Line 22: @@
 ** For example: Boss Laser Authorized
 * Create an Authorizer security group
 ** For example: Boss Laser Authorizer
+** NOTE: Now is a good time to add all Authorizer (likely danger committee users) to this group.
 === 2) Django Steps ===
@@ Line 36: / Line 37: @@
 * Create a new group policy and place it in the OU you originally created
 * Edit new group policy with the following selection
 ** Computer Configuration
 *** Policies
@@ Line 42: / Line 42: @@
 ***** Security Settings
 ****** Local Policies / User Rights Assignment
 ******* (Policy) Allow Log On Locally
 ******** (Setting) PS1\Domain Admins, PS1\[Authorizer Security Group], PS1\[Authorized Security Group], BUILTIN\Administrators, BUILTIN\Administrators
+****** Local Policies / Security Options
+******* (Policy) Interactive Logon: Do not require CTRL+ALT+DELETE
+********(Setting) Disabled
+****** Restricted Groups
+******* (Group) PS1\[Authorizer Group]
+******** (Member Of) BUILTIN\Administrators
+** User Configuration
+*** NONE
-******* Local Policies / Security Options
+Here is an example of how the GPO should look.
-******** (Policy) Interactive Logon: Do not require CTRL+ALT+DELETE
-*********(Setting) Disabled
-******* Restricted Groups
+[[File:BossGroupPolicy.png|Example of group polciy]]
-******** (Group) PS1\[Authorizer Group]
-********* (Member Of) BUILTIN\Administrators
-** User Configuration
+== Final Notes ==
-*** NONE
+To finalize the changes, it is recommended you reboot the affected computer, or run "gpupdate /force" from a command prompt.