Solved

gpo question about enforced

Posted on 2008-06-12
4
853 Views
Last Modified: 2012-06-27
in a gpo what does it meand enforced yes no
0
Comment
Question by:zenworksb
  • 2
4 Comments
 
LVL 11

Expert Comment

by:Forrest Burris
ID: 21769943
Enforced means that when each PC polls the server for running group policies, it will only enact the ones that are enforced. If it is not enforced, it will SEE the GPO but ignore the enactment of it. It's like a REM line in a script file.
0
 
LVL 70

Accepted Solution

by:
KCTS earned 500 total points
ID: 21770029
An enforced policy is a policy that cannot be overridden. Normally when a policy is applied any configuration chnages it makes can be overridden by other policies applied afterwards, and policies can also be blocked with the "block inheritance" option.

If a policy is enforced ten any settings it applies cannot be overridden or blocked.

0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21770299
The Enforced setting is applied to individual GPO links to containers (OUs etc.) within your Group Policy structure. It does not apply to the GPO object itself - a GPO could be linked in two places, with one link enforced and the other not enforced.

Using the enforced option is just one of the ways to control inheritance of Group Policy settings by child containers and subsequently child objects. The normal procedure for inheriting settings if the same setting is set in two different policies is to use the policy which was set last - i.e. the child-most policy relative to the object the policy is applying to. If you Enforce a GPO link, ALL the policies within that GPO will never be overwritten by any child GPOs below the container where you link the policy.

Unless you have good reason to, you shouldn't set all your policies to Enforced as it can hamper troubleshooting when policies don't work correctly later on. There are also other ways to get around requiring enforced policies if necessary - organising OUs and objects better for example.

More info: http://technet2.microsoft.com/windowsserver/en/library/ec6f9770-6a45-49c1-a37f-648a9012827c1033.mspx?mfr=true
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21770354
So even after providing a link and some more information I don't get any points?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
This article runs through the process of deploying a single EXE application selectively to a group of user.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question