Edwin Betancourth
asked on
GPO vs Application
What takes presedence in the event the Group Policy Object is configured one way and a Windows end user application is set a different.
For example:
With in the Windows Settings/Security Settings/Security Options the policy is configured to Smart Card Removal Behavior = Lock Workstation.
However
The Smart Card Middleware that resides on the desktop is is configured to Card Removal Behavior= Logoff
Does the GPO take presedence?
For example:
With in the Windows Settings/Security Settings/Security Options the policy is configured to Smart Card Removal Behavior = Lock Workstation.
However
The Smart Card Middleware that resides on the desktop is is configured to Card Removal Behavior= Logoff
Does the GPO take presedence?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Sorry, aissim is correct. I was thinking of a configuration item in some kind of Tools-->Options screen, not having the middleware configure that setting in local GPO. domain-based GPO will always win out over local GP, as aissim indicates.
[a] The middleware would set the item in question
[b] GPO would overwrite the setting the next time it refreshes - every 90-is minutes on a member server or workstation
I'd have to mock something up in a test lab to confirm, but my hip shot is that you will wind up with non-deterministic behavior if you stay in that configuration.