Restricted Groups This security setting allows an administrator to define two properties for security-sensitive groups ("restricted" groups). The two properties are Members and Member Of. The Members list defines who belongs and who does not belong to the restricted group. The Member Of list specifies which other groups the restricted group belongs to. When a Restricted Groups Policy is enforced, any current member of a restricted group that is not on the Members list is removed. Any user on the Members list who is not currently a member of the restricted group is added. You can use Restricted Groups policy to control group membership. Using the policy, you can specify what members are part of a group. Any members that are not specified in the policy are removed during configuration or refresh. In addition, the reverse membership configuration option ensures that each Restricted Group is a member of only those groups that are specified in the Member Of column. For example, you can create a Restricted Groups policy to only allow specified users (for example, Alice and John) to be members of the Administrators group. When policy is refreshed, only Alice and John will remain as members of the Administrators group. There are two ways to apply Restricted Groups policy: Define the policy in a security template, which will be applied during configuration on your local computer. Define the setting on a Group Policy object (GPO) directly, which means that the policy goes into effect with every refresh of policy. The security settings are refreshed every 90 minutes on a workstation or server and every 5 minutes on a domain controller. The settings are also refreshed every 16 hours, whether or not there are any changes. Default: None specified. Caution If a Restricted Groups policy is defined and Group Policy is refreshed, any current member not on the Restricted Groups policy members list is removed. This can include default members, such as administrators. Notes Restricted Groups should be used primarily to configure membership of local groups on workstation or member servers. An empty Members list means that the restricted group has no members; an empty Member Of list means that the groups to which the restricted group belongs are not specified.
Restoring this software can harm your privacy, security, or the performance of your computer. Are you sure you want to restore ...
Restoring your Internet security settings to their recommended levels will help protect your computer. How do Internet security ...
Restrict communications to connections from domain-joined computers. Provides identity information for authorizing specific ...
Restrict communications to connections from domain-joined users and computers. Provides identity information for authorizing ...
Restricted Groups This security setting allows an administrator to define two properties for security-sensitive groups ("restricted" ...
Restrictions in the Client Installation Wizard (OSChooser) limit the characters used to standard ASCII characters (OEM characters ...
Restrictions in the Client Installation Wizard (OSChooser) limit the characters used to standard ASCII characters (OEM characters ...
Restrictions on delegated enrollment agents can only be enforced on Windows Server 2008 CAs and later. Before designating ...
Restrictions within the boot menu environment limit the characters used to standard ASCII characters (OEM characters 32-127). ...