I have a GPO that uses
ComputerConfigurationPoliciesAdminstrativeTemplatesWindowsComponentsFileExplorerSet a default associations configuration file to set the file associations for a particular computer.
Is it possible to control this by a combination of user and computer, rather than just by computer. eg if
UserA logs onto
Computer1, they get one set of file associations, but if
UserB logs onto
Computer1, they get a different set? I realise I would need multiple GPOs for this setup.
I’ve tried creating a security group with the users I want to target, but the policy isn’t being applied because
Filtering: Denied (Security). I guess this is because it’s a computer level policy, and not a user level one? Thanks.
In response to @OOOO’s comment, there are some settings, such as file associations, that are implemented via a computer policy, but that are also relevant to a particular user.
I have managed to make this work (I think!), by creating a security group, and adding both the users and the computer into that group. The GPO is applied, and seems to work for the users I have specified, but I am wondering if the computer policy part is working because the computer is in the security group, rather than the combination of computer and user.
Does anyone know if the computer policy is applied because the user and computer are part of the group, or is it just because of the computer’s membership in said group?