Friday, July 16, 2010
sysprep: put computer in specific OU
sysprep.inf:
[Identification] JoinDomain=DOMAIN DomainAdmin=sysprepadmin DomainAdminPassword=password MachineObjectOU="OU=Desktops,OU=Machines,DC=Domain,DC=local"
Thursday, July 1, 2010
Loopback Policy Processing
User policies are applied based on who you are.
More specific: in what OU your user account is, since group policy objects are linked to OU’s.
But sometimes you want to apply policies based on where you are.
For instance, specific settings apply when you log on to a terminal server instead of your own pc.
This is where loopback policies come in place.
- create a new OU
- move the terminal server computer account to this OU
- create and link a new group policy object
- edit the policy object
- computer policy, Administrative templates, System, Group Policy, and enable the Loopback Policy
- choose to replace all user policies or to merge (policies from this policy object will overrule others)
Microsoft’s knowledgebase: http://support.microsoft.com/kb/231287