Question : Problem: Applying policies in server 2003

I am a new user to the group policy object editor and would like to apply some policies to certain groups of users.

I want all but two users to not have the ability to shut down the server (these are thin clients).

Also, I want all the thin client users screen resollution to be higher, or at least give them the option to change their screen resolution.  Right now it's impossible to change the screen res. on all users except for my username, and I'm not sure why that is.

Thanks,

Ken Poole
A-1 Electric Motor Service

Answer : Problem: Applying policies in server 2003

In your Active Directory Users and Computrers , simply move the Administrator out of the effected OU.  However if you did make the shutdown and display settings on the default domain policy (see below) you will have to do follow the options below.

To check and see if the default domain policy was configured as such - go to gpedit.msc and click below the domain name - you will see the default domain policy, which then collapses into a computers and users tree.

• If you applied these changes to the default domain policy under user, then you have two options to alleviate the administrator not having display and shutdown rights. 
• Create another OU in Active Directory Users and Computers (i.e. administrators, IT, etc).  
• Using gpedit do not change a thing for this OU, but do block inheritance 
• http://technet.microsoft.com/en-us/library/cc757050.aspx#BKMK_block 
• This will prevent the settings to effect administrators 

or

• Clear the changes you made on the default domain policy concerning shotdown and display settings 
• Create another OU in Active Directories and Computers for the users who need to be limited with Diplay settings (i.e. ThinCLientUsers) 
• Move these users into the OU using Active Directory Users and Computers.