# GPO exclusion



## p0ng0 (Sep 15, 2007)

Hi,

I need a little advice on excluding my computer from the Default Domain policy.
The DD policy enforces a wallpaper which i'd like to exclude from this system.

I'm not too sure where i should be placing another GPO as yet.

Anybody have any advice? Much appreciated!

Christian


----------



## avisitor (Jul 13, 2008)

If you put the computer in its own OU, you could block inheritance which would stop GPOs from applying.


----------



## p0ng0 (Sep 15, 2007)

Thanks!
However, i have created an OU and placed the computer in there, yet my desktop will not change, it refuses to. It displays just a blank screen!

Any ideas?


----------



## srhoades (May 15, 2003)

Perhaps the policy is a default domain policy instead of applied to a specific OU.


----------



## p0ng0 (Sep 15, 2007)

it is indeed the default domain policy as mentioned in my original post.
any further ideas?


----------



## srhoades (May 15, 2003)

If it is default domain policy no matter what OU you are in it will take affect, it is global. You will need to delete that specific default domain policy and recreate it for the OU of the users that need it.


----------



## avisitor (Jul 13, 2008)

I believe that Default Domain Policy will not take effect if the OU has inheritance blocked unless the Enforce flag is set. 

You can set/remove the enforce flag by right clicking on Default Domain Policy.


----------



## ThePrutser (Oct 13, 2007)

Are there any user policies active? (which might disable changing the wallpaper)


----------



## p0ng0 (Sep 15, 2007)

the wallpaper policy is under the user policies yes...


----------



## ThePrutser (Oct 13, 2007)

And the policy also applies to the user account that you are using to change the desktop wallpaper? Then you will have to exclude the user account from the policy and not necessarily the computer account. (Depending on the policy settings you might need to exlude both the user account and the computer account)


----------



## axis77 (Aug 31, 2004)

Default Domain Policy, blanket effect on all the OU's. It will get pushed to your pc regardless. The only way to change this behaviour is to create another policy strictly for desktop user settings like the issue your having, so basically move those settings away from the default policy and put them in this "new policy for user desktops", then you put your self in a seperate OU that will block the inheritance of this new policy for the user desktops...


----------

