posted on Sep, 11 2016 @ 03:55 PM
a reply to: navione
create another group, add him to the group and then add the group to the policy and then select "deny" for that group for "apply group policy"
Then going forward you should be able to simply add users to that group to exclude them from having the drives mapped.
To clarify, you'll be looking under the "delegation" tab and clicking the "advanced" buttons to edit the permissions. You could also do it without
adding your uncle to the group and just specifying the "deny" permission for his account alone.
This is the backasswards way of doing it of course. The right way would be to create a group, add the users to that and then add then apply the policy
to that group rather than the domain users group.
here I found you a blog
with step-by-step instructions with pictures.
edit on 2016-9-11 by theantediluvian because: (no reason given)