esbfern
asked on
GPO Removal Question
In our institute we end users that do either administrative functions or work in labs. All of which need the ability to logon with their domain credentials. So we've setup two OU's for those workstations called Admin and Lab. The computers that the admin persons use have 5 group policy objects applying down to them. Contained in those GPO's are hunders of federally mandaded settings. Computes in the LAB ou's CAN NOT have the Federally mandated policies applied to them out of fear these settings will break scientific applicaitons.
So here's my question If a comptuer object is moved into the "Admin" OU, thus inheriting those settings, then moved back into the LAB OU, will those federally mandated policies go back to what they were before?
So here's my question If a comptuer object is moved into the "Admin" OU, thus inheriting those settings, then moved back into the LAB OU, will those federally mandated policies go back to what they were before?
To answer your question, yes. They should go back to what they were, unless those GPO for Admin group install some software.
ASKER
Can you please show me a microsoft document of this. I think this depends on the OS and what policy is applied.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
One simple way of knowing for sure is do a test. setup a machine in Lab ou, make sure everything works fine, move it to admin ou, force to gpupdate to apply all the GPOs , then take it out and put back to lab.
ASKER
It's a little more complicated than that. Just found this http://technet.microsoft.com/en-us/library/cc736484.aspx
ASKER
Shift-3: How do I know which Group Policies will be put in these locations:
HKEY_LOCAL_MACHINE\Softwar e\Policies
HKEY_LOCAL_MACHINE\Softwar e\Microsof t\Windows\ CurrentVer sion\Polic ies
HKEY_CURRENT_USER\Software \Policies
HKEY_CURRENT_USER\Software \Microsoft \Windows\C urrentVers ion\Polici es
Are all policies under the administrative templates in these locations?
HKEY_LOCAL_MACHINE\Softwar
HKEY_LOCAL_MACHINE\Softwar
HKEY_CURRENT_USER\Software
HKEY_CURRENT_USER\Software
Are all policies under the administrative templates in these locations?
ASKER
Here's the answer for the administrative Templates section of a GPO. Shift-3 is correct http://technet.microsoft.com/en-us/library/cc736484.aspx