Re: local vs domain security policy settings
From: JK[MS] (firstname.lastname@example.org)
- Next message: Bill Belliveau: "Y2K hosting server"
- Previous message: Mike Johnson: "export security log automatically"
- In reply to: tin can: "local vs domain security policy settings"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "JK[MS]" <email@example.com> Date: Thu, 23 May 2002 13:34:53 -0700
If your local policies do not conflict with the domain policy then you
should be ok. You can just set the local policy setting to audit and leave
the domain policy setting undefined.
However if you want to set the domain policy setting explicitly such that it
is set to not audit and you want the audit turned on in just one machine
then you should put the machine in a different OU and set policy at the OU
-- JK [MS] [This posting is provided "AS IS" with no warranties, and confers no rights.] "tin can" <firstname.lastname@example.org> wrote in message news:email@example.com... > Is there anyway to get the local security policy to supercede the > domain security policy ? > > I have a sensitive app server that can only be logged on to by support > staff at the server console itself, and I want to record who and when > someone logs in and/or out at the server, but I don't want to set the > security policy for the entire domain to capture all logon/logoff > events (to much info).