Restricted Group Processing
Administrators may configure restricted groups for a specific group policy object by adding the desired group directly to the restricted groups node of the group policy object namespace. Once groups are added, membership may be configured for each group by right-clicking the appropriate group, and then clicking Security.
In the Security dialog box there are 2 list boxes, "Members of group name" and "group name is a member of", where group name is the appropriate group name. Membership is enforced as:
In the Security dialog box there are 2 list boxes, "Members of group name" and "group name is a member of", where group name is the appropriate group name. Membership is enforced as:
- Members of group name
Membership Is Strictly Enforced: - For the restricted group, any user or group that is included in that restricted group's member list is added to the group.
- Any user or group that is currently a member of the group, but is not listed in the restricted group's member list is removed.
- group name Is a Member of
Only inclusion is enforced in this case. The restricted group is not removed from other groups based on the items in this list.
No comments:
Post a Comment