Solved

Policy

Posted on 2004-09-14
2
362 Views
Last Modified: 2010-04-11
Hi guys,

When  a policy is linked to the domain computers these include notebooks and workstations right..(laptops and workstation) but without the servers....
and if someone created a policy for notebook and workstation and linked both policies to the domain computers which one takes precedence? both have the first 3 settings the same
but the notebook has a little more settings  than the workstation...

Thanks
0
Comment
Question by:agbor1960
2 Comments
 
LVL 2

Assisted Solution

by:merlinmage
merlinmage earned 100 total points
ID: 12053989
When policies are applied they are applied at the following 4 locations throught Active Directory

Domain Level (there is a default domain policy configured)

Sites and Services Level (no default policy located here)

Orginizational Unit Level (no default policy located here)

and then Aplied Localy to the computer (holds whatever the last policy settings were)

What this means is that any computers that are a part of the domain apply the Domain be they normal workstations or laptops they will have the default domain policy applied to them plus any other policies that you configure at that level.

The Policies get applied in the order that I have written them in

1st is Domain
2nd Sites and services
3rd orginizational units
4th local policy

whatever is applied LAST is what takes precedence.. meaning that if you have conflicting policies between an orginizational unit and the domain level policy then the Orginizational Unit will actually take precendence over the Domain policy.

When you have 2 policies that are held in the SAME location - for example you have configured 2 policies at the domain level it applies the bottom one in the list first and then the one above that next.  Meaning that whatever is on top takes precedence.

I hope this helps
0
 
LVL 83

Accepted Solution

by:
oBdA earned 150 total points
ID: 12062946
Sorry, but the correct sequence in which policies are applied is "LSDOU":
1. Local policies
2. Site policies
3. Domain policies
4. Organizational Units
(5. Nested OUs)
Policies applied later will override policies applied earlier.

Microsoft Windows 2000 Security Hardening Guide
Chapter 4 - Security Configuration
http://www.microsoft.com/technet/Security/prodtech/win2000/win2khg/04config.mspx
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Let’s list some of the technologies that enable smooth teleworking. 
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now