What is the purpose of 'Restricted Group' in Group Policy?

What is the aim of the Restricted Group that appears in Group Policy in Windows 2000?
Use the Restricted Group setting to control which user accounts are members of groups. By adding a group to Restricted Group, you control the membership of the group. By placing user and group accounts within the group at this location, you are designating the group membership. If group membership is changed at the local level, when Group Policy next refreshes, those group members will be removed. You can also force membership at the local level by placing members in the group within the group which has be entered in the restricted group container.

This is a way for domain admins to prevent a local administrator from modifying local group membership.

This was first published in August 2002

Dig Deeper on Endpoint security management tools



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: