Re: Bypass Domain GPO when not connected to network?

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 10/25/05 

Date: Tue, 25 Oct 2005 12:39:36 -0500

Hi Ross.

Like I said you may also want to post in one of the Microsoft
Active_directory newsgroups also. someone else may have a creative solution.
The policy that was configured via user rights is "computer" configuration
which is why it applies to all users on the computer. I don't know if your
remote users are centralized or not but another possibility is to create
another domain controller [could be on a laptop] and ship it to them to
connect to on a network if you have someone that could be responsible in
setting it up and securing it contains all your AD info]. Even though such
domain controller might be disconnected from your main network and its
security logs would show that it can not find the other domain controllers
it just may work and of course the computers would need to have their dns
configured to point to it. If that idea sounds interesting try testing it
out first. With the expense involved with having users coming in you may
also want to contact Microsoft support first. --- Steve

"Ross Luker" <ross_luker@hotmail.com> wrote in message
news:1130251798.063237.68580@g43g2000cwa.googlegroups.com...
> Damn, ok....
>
> Unfortunately the VPN is a custom app, rather than using Windows dialup
> networking, so we can't use that...also, ALL accounts on the PC are
> locked in the same way (I would have thought the domain ploicy would
> only apply to domain accounts, but it appears to have applied globally
> to the PC). Oh well, guess the users will have to come in...thanks for
> the advice...
>

Relevant Pages

  • Re: IP Addresses everywhere.
    ... If you want to change the IP address of the network adapter used to connect to the Internet from a dynamically assigned address to a statically assigned address, use the following procedure to reconfigure the network connection. ... Open Server Management and then click Internet and E-mail. ... I did not use the "global" or "universal" network configuration program to configure the server the second time I set it up. ... I guess in this case global would be the Server Manager with all of the nifty HTML looking links, that Microsoft may one day turn into their own supercomputer. ...
    (microsoft.public.windows.server.sbs)
  • Re: Unable to logon locally to windows 2003 DC
    ... windows 2003 domain controller if the network cable is unplugged. ... The domain controllers run DNS and are configured ... The network subsystem must be up and running for DC functionality to work. ... Microsoft MVP - Directory Services ...
    (microsoft.public.windows.server.active_directory)
  • Re: offene Ports
    ... Network Ports Used by Key Microsoft Server Products ... Windows Small Business Server 2003 Getting Started Guide ... Configuration Settings for an Existing Firewall Device ...
    (microsoft.public.de.german.backoffice.smallbiz)
  • Re: offene Ports
    ... > Network Ports Used by Key Microsoft Server Products ... > Windows Small Business Server 2003 Getting Started Guide ... > Configuration Settings for an Existing Firewall Device ...
    (microsoft.public.de.german.backoffice.smallbiz)
  • RE: Group Policy Problems on new server
    ... Microsoft Online Partner Support ... | The Domain controller for Group Policy operations is not available. ... | access another server that's in a another domain, ... | the network resource......There are currently no logon servers available ...
    (microsoft.public.windows.server.migration)
Loading