GPO policy settings which trumps which?

Hey Experts,
Quick question regarding the GPO tree.  If, for example, I have a OU tree with the following policies, which one beats out the other?

Domain.local
   |
   |_domain policy
   |
   |____Users (OU)
                    |
                    |__another domain policy

To further the example for clarification, if I set the idle time for a TS session under the "domain policy" to be 10 minutes, and then go to the "another domain policy" and I want that OU group to have a different idle time of 20 minutes, is it safe to say that the policy most closely linked to the OU will win out with the users in that group having 20 minutes?  Or will the "domain policy" trump the "another domain policy"?

I'm assuming that the "another domain policy" is the last and final policy applied after the "domain policy".  Am I correct?
andlemirAsked:
Who is Participating?
 
ISWSIMBXCommented:
Group Policies apply from the top down.  So for example, a policy that has specific settings that is linked to the domain can be overriden by a policy linked to an OU with a different value for that specific setting.
0
 
EfrenMCommented:
the policies will work backwards, and apply the parent unless you disable that feature then you can ignore the parent policy
0
 
Mike KlineCommented:
The acronym you will want to remember is LSDOU...I've also heard that term used in tech interviews
http://technet.microsoft.com/en-us/library/dd277394.aspx
GPOs, once created, are applied in a standard order: LSDOU, which stands for (1) Local, (2) Site, (3) Domain, (4) OU, with the later policies being superior to the earlier applied policies.
Thanks
Mike
0
 
andlemirAuthor Commented:
Thank you experts!  I will keep the LSDOU in mind from now on.  Thanks ISW and MKL
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.