Solved

Applications of Group Policy

Posted on 2004-03-28
7
196 Views
Last Modified: 2013-12-04
Can any smart person there solve this question for me? Thanks..


"You are the administrator of your company’s network. The network consists of 1 Windows 2000 domain. The domain consists of 4 OU (Organisation Unit) as shown. All OUs contain users for their department. The Network Administrators are in the IT OU. You want to centralize security policy for your domain. You create the following 3 Group Policies. How should you apply the Group Policy?


    -Main OU
          -IT OU
          -HR OU
          -Sales OU
          -Finance OU


I.      Group Policy 1 defines Password, Audit and User Rights policies
II.      Group Policy 2 defines User Desktop policy
III.      Group Policy 3 defines a high security User Desktop policy for network administrators."



Anyone Can Give Me the DETAILS STEPS to solve the above question and the 800 Points will be yours!!!
THANKS IN ADVANCE........ =)
0
Comment
Question by:pika83
7 Comments
 
LVL 6

Accepted Solution

by:
DanniF earned 500 total points
ID: 10702092
Hmmmm I hope this isn't your homework :).

I. You should apply this policy on Domain level as this should affect ALL users. (password and security policy)

II. This one goes to the 3 user OU's (HR, Sales and Finance).

III. This one goes to the IT OU as this is only for network administrators.

Hope this helps and good luck,

Daniel F.
0
 
LVL 6

Expert Comment

by:Joseph_Moore
ID: 10702905
Actually, I would put Group Policy 1 on Main OU, since GP is inherited by all child OUs (unless the inheritance is denied). That way, all OUs would get GP1, and you don't need to mess with the Domain-level GP.
Other then that, I agree with DanniF on GP2 and GP3.
0
 
LVL 7

Expert Comment

by:Isigow
ID: 10703263
Actually, just put Group Policy I and II on the Domain level (Main OU)
Then put GPIII on the IT OU.
Inheritance level will override the Previous User Desktop created via GPII when you are in the IT OU, thus allowing only GPIII to affect users in the IT OU, but letting GPII still affect users in the other OU's

Isi
0
Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

 

Expert Comment

by:Antowh76
ID: 10709848
-Password policies must be set at domain level to take effect, so
I. must be applied at domain level

II. and III, I agree with Isigow.

Regards, Antonio
0
 
LVL 7

Expert Comment

by:Isigow
ID: 10709976
yeah I think I said that :)

Isi
0
 
LVL 6

Expert Comment

by:DanniF
ID: 10712417
But why would you want to be:

A) Setting Domain level policies when you don't need to ?

B) Having policies override each other when you don't need to ??

I'd rather do it this way than counting on the fact that the policies override each other correctly.


In fact, If this was MY domain I would create an OU called Users where I would place all normal user OU's (HR, Sales and Finance in this case) and then I would place the IT OU outside the Users OU as I have completely different policies for the two.

So mine would be like this:

   
-DOMAIN-
     -IT OU
     -Users OU
           -HR OU
           -Sales OU
           -Finance OU

Anyways, I don't think you can do this as you have a question you need to answer. Just running off a bit there :)

Good luck,

Daniel F.
0
 

Author Comment

by:pika83
ID: 10756862

Hey guys..

Thanks a million! Really appreciate it ;)


Take care =)
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Flux question 2 99
Was laptop hacked? 11 90
Right-Click in Explorer Very Slow in Windows 10 3 102
Windows Network & Server security audit tools or script ? 2 88
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now