Conflicting group policies

view full story

http://serverfault.com – I got 5 servers where i need to lock them down so as standard there is only read only access to the C drive and a couple of other servers where full admin access is required all the time. There is a need however that out of the 5 servers that are locked down all the time a user can request access and they be moved into an approved security group for that server. I have created an OU group for each server and inside that OU there is an approved and denied policy along with a approved security group and a denied security group. I have taken off the authenticated users off each policy and appli (HowTos)