How to apply group policy to users from a trusted domain
Any user policy that applies to them is going to come out of the domain their account is a member of, unless you're overriding user policy processing with loopback policy processing.
Computer policy is going to come from the domain that the computer they are logging-on to is a member of.
Are you thinking something like this? "When one of these users from domain ABC logs-on to one of the computers that is a member of domain XYZ I'd like to have certain group policy settings apply. When an ABC user logs-on to an ABC computer, though, I don't want those settings to apply. When an XYZ user logs-on to an XYZ computer, I don't want those settings to apply either."
If so, then there's no way with simple group policy to do what you're describing. You could mimic the functions of group policy with a script that checked the logon domain of the user, but running such a script in the context of the user would not permit changes to computer-specific settings.
Let me know how off-target I am with what you're asking, and I'll edit to answer your real question... (smile)
Related videos on Youtube
NimsDotNet
I am a software engineer with more than 12 years of development experience; mostly working on Web and Microsoft .Net technologies.
Updated on September 17, 2022Comments
-
NimsDotNet almost 2 years
Is there any way to specify a Group Policy only for the users who are members of a trusted active directory domain?
-
ThatGraemeGuy about 15 yearsI think you're right on the money. Group Policy cannot cross domain boundaries, even in the same forest AFAIK.
-
NimsDotNet about 15 yearsYes Evan, you have described exactly what I am trying to accomplish! too bad I can't do it with group policy: :(