?
Solved

gpo question about enforced

Posted on 2008-06-12
4
Medium Priority
?
857 Views
Last Modified: 2012-06-27
in a gpo what does it meand enforced yes no
0
Comment
Question by:zenworksb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 11

Expert Comment

by:Forrest Burris
ID: 21769943
Enforced means that when each PC polls the server for running group policies, it will only enact the ones that are enforced. If it is not enforced, it will SEE the GPO but ignore the enactment of it. It's like a REM line in a script file.
0
 
LVL 70

Accepted Solution

by:
KCTS earned 2000 total points
ID: 21770029
An enforced policy is a policy that cannot be overridden. Normally when a policy is applied any configuration chnages it makes can be overridden by other policies applied afterwards, and policies can also be blocked with the "block inheritance" option.

If a policy is enforced ten any settings it applies cannot be overridden or blocked.

0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21770299
The Enforced setting is applied to individual GPO links to containers (OUs etc.) within your Group Policy structure. It does not apply to the GPO object itself - a GPO could be linked in two places, with one link enforced and the other not enforced.

Using the enforced option is just one of the ways to control inheritance of Group Policy settings by child containers and subsequently child objects. The normal procedure for inheriting settings if the same setting is set in two different policies is to use the policy which was set last - i.e. the child-most policy relative to the object the policy is applying to. If you Enforce a GPO link, ALL the policies within that GPO will never be overwritten by any child GPOs below the container where you link the policy.

Unless you have good reason to, you shouldn't set all your policies to Enforced as it can hamper troubleshooting when policies don't work correctly later on. There are also other ways to get around requiring enforced policies if necessary - organising OUs and objects better for example.

More info: http://technet2.microsoft.com/windowsserver/en/library/ec6f9770-6a45-49c1-a37f-648a9012827c1033.mspx?mfr=true
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21770354
So even after providing a link and some more information I don't get any points?
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question