Posted on 10-26-2016 01:22 PM
Is there a way to scope policies so that the policy is available to specific computers and specific LDAP users groups?
For instance, I want to setup Self-Service to be available on all Faculty machines, but then an LDAP user from our IT group can run it on any machine. Maybe I am just missing something, but that doesn't seem possible with the current options.
Posted on 10-26-2016 01:25 PM
Hi, to do that you need to scope it to all computers that need to be able to run it and then limit by AD group.
The only way I can think to achieve what you've described is to duplicate the policy.
Posted on 10-26-2016 03:23 PM
Pretty much what David said. You'll need to duplicate the policy with the different set of scoping criteria for the LDAP admin policy.