Re: Security Templates
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 06/24/05
- Next message: Roger Abell: "Re: Login Interactively"
- Previous message: Ishmealm: "Re: Giving users permission to an MMC"
- In reply to: News Microsoft: "Security Templates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 24 Jun 2005 07:27:11 -0700
Oh boy, am I ever glad Steve is back ! I completely overlooked
signifigance of mention this is W2k3.
I would in that case suggest using GPMC to back-up the most
heavily used (carrying the most policy settings) or the one into
which you are intending to import. This backup may then be
"cloned", i.e. imported (unlinked) under new names. To one
of these you may import. With the other of these you might
import the rollback obtained as Steve advised.
Now, here is where I would expect "got-ya" type things
might arise (if any), in preferences (the tattoo settings that
are not 'true policies"), in extensions like IPsec or Software
Restriction, or in adm extension settings (in other words,
the "mainline" true policy settings in Security section would
be handled well. So, just to be safe I would analyze with
the intended new template and then check that the GPO that
was built from the backup for potential use to roll back did
in fact have policy setting sufficient to reverse what the
analysis showed would be changed.
-- Roger Abell Microsoft MVP (Windows Security) "News Microsoft" <thestig@nobody.com> wrote in message news:esi9Wi$dFHA.2128@TK2MSFTNGP14.phx.gbl... > Hi > > Is there any way of rolling back the installation of security templates on > Windows 2003. I am about to deploy them to a live system after testing on a > test system bit would like some way of rolling back. > > >
- Next message: Roger Abell: "Re: Login Interactively"
- Previous message: Ishmealm: "Re: Giving users permission to an MMC"
- In reply to: News Microsoft: "Security Templates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
