A question that has stumped me for a while. I know this is possible over domains using Active Directory and all the rest, but what about on a basic local machine running on a basic network with many users.
Say this local machine is a communal work machine, which anyone with an account can use. All accounts are local, and are not roaming or on a domain, they are local to the machine. Each user has different privileges, and are separated by groups.
While trying to create a group policy for a certain group, the group doesn't actually show up in the list. All that shows up in the list, are the local accounts individually, and two categories/groups: Administrators and Non Administrators
Where are the other groups? Why can I not create multiple policies specific to each individual group (Group1, Group2, Group3) that I have created?
The selection text quotes: "Local Users and Groups compatible with Local Group Policy". This seems to say that the groups I create seem not to be compatible with Group Policy?
Is there any fix to make custom groups 'Compatible' with Group Policy? Perhaps a registry or DLL fix?
Go to the Group Policy Management Console (gpmc.msc) and navigate to the required Organisational Unit. Right click, and select "Create a GPO..." and give it a name. Right click on the newly created Group Policy Object, and deselect "Link Enabled" to prevent it from applying before you have finished configuring it. Configure your GPO, and in the GPO Security Filtering panel, you are able to Add/Remove specific Active Directory users, groups and computers in which you want your GPO to apply to.
Hope this helps you