Re: Best location for policies
From: Jorge_de_Almeida_Pinto (UseLinkToEmail_at_WindowsForumz.com)
Date: 5 Oct 2005 16:36:18 -0400
> Please advice:
> I have a small Windows 2000 domain: 200 users, 4 Win2k
> Servers, 4 Win2k3
> servers, 1 Exchange 5.5. I created an OU for Our Computers
> (had to name it
> differently since there already is a Computer container), with
> and Notebooks OUs below, and an OU for User Accounts. I have
> a Test OU and
> TSServer OU since I have a separate policy for TS users (works
> great BTW).
> At the moment, I have 2 policies: one for Our Computers OU -
> it has a few
> registry entries, security related, picked from the policy
> options, and a
> policy for User Accounts OU that locks down users. I don't
> domain-level security policy (passwords, etc.) created yet.
> I am ready to implement Windows Update policy w/WSUS server -
> it works
> beautifully in test environment.
> I am not sure what's the best way to organize policies. I
> read somewhere
> that it's convenient to create a separate OU for all policies
> and just link
> them to OUs as needed. If yes, how do I disable then delete
> the current
> policies after recreating them for the new OU?
> Any pointers/advice from the real world greatly appreciated...
That would be a great way if you only had windows 2000. In w2k and
w2k3 if you use the default group policy editor (which sucks) you need
to assign an OU when you create a GPO. If you use the GPMC (works with
wxp and w2k3) you can just create the GPO and after that link it to
whatever OU you want. The GPMC is VERY COOL. It provides lots of fun
stuff like backing up ans restoring GPOs.
-- Posted using the http://www.windowsforumz.com interface, at author's request Articles individually checked for conformance to usenet standards Topic URL: http://www.windowsforumz.com/Active-Directory-location-policies-ftopict429032.html Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1438317