Announcement

Collapse
No announcement yet.

Applying Computer Policy only if User is member of a partic. group.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Applying Computer Policy only if User is member of a partic. group.

    Hello

    Easy question: I need to activate Messenger Service on some computers contained in an OU only if a user member of "Warehouse" group is logged on.

    The question is that actually I need to start messenger service only on computers where "warehouse" members log on.
    No problem if they logoff, the service can remain started.

    Any Ideas?
    Loopback processing is not a good solution...
    Max

  • #2
    Re: Applying Computer Policy only if User is member of a partic. group.

    I forgot

    Of course "warehouse" members are not administrators in workstation they log in (.....otherwise I could have used login script ehehe
    Max

    Comment


    • #3
      Re: Applying Computer Policy only if User is member of a partic. group.

      Quick answer: you can't
      Loopback will apply User settings based on Computer object location in the AD tree, and the services part is a Computer Setting.

      Not sure if this will work, but you can try tweaking the ACL for Messenger Service, so that only a predefined list of groups can query the service (this can be done in the GPO applied to the computer in question)
      Guy Teverovsky
      "Smith & Wesson - the original point and click interface"

      Comment


      • #4
        Re: Applying Computer Policy only if User is member of a partic. group.

        Well... you won't believe but this was also my thought. The only reason why I excluded that solution because it's too heavy and too invasive for computers. I was looking for a cleaner solution
        One of my thoughts is playing with vbscript executed with different credentials, or another idea could be using scheduled taks by scheduling with admin credential the task for starting the service
        let's see: I create a scheduled taks with proper credentials, then I use a user logon scripts that check if user is member of warehouse, if so, it execute task via schtasks.... uhm... it should work
        ...... this evening I need to sit down in my room chair sipping sauternes and thinking about it
        Max

        Comment


        • #5
          Re: Applying Computer Policy only if User is member of a partic. group.

          It does work!!!
          See ya
          Max

          Comment

          Working...
          X