Solved

Administrative Templates

Posted on 2010-11-24
5
422 Views
Last Modified: 2012-05-10
Hi guys,
I hope you can help.

We have a requirement to move 3 servers from one subdomain to another subdomain.

So,

subdomainA
            |-------------- serverOU
                                       |------------------ server gpo
                                       |------------------ user gpo

to

subdomainB
            |-------------- serverOU
                                       |------------------ server gpo
                                       |------------------ user gpo

Now,

In the original subdomain (subdomainA), there are 2 gpos for the serverOU container.
Each of these OUs has administrative templates added, around 6 of them.

When I move these 3 servers into the new subdomain (subdomainB), I want to ensure that the 2 gpos attached to the new OU in this new domain, are identical in every way to the original 2 gpos in the original domain. This will mean adding the required admin templates to the new serverOU container in subdomainB to the 2 new gpos in here.

My question is this.

In the new subdomainB, can I do the following?

1.Open up each new gpo
2.Add the required admin templates to each new gpo by pointing to the location of the Adm folder for the original gpo in the old subdomain?

Is this safe to do so?

Any help greatly appreciated.

0
Comment
Question by:Simon336697
  • 3
  • 2
5 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 34210290
You could go into the GPO and just copy those custom ADMs.

The easier way would be to backup/export the GPOs in GPMC (see screenshot) and then import them in the new domain.  More info

http://technet.microsoft.com/en-us/library/cc785343(WS.10).aspx

Thanks

Mike
GPMC-export-import.png
0
 
LVL 1

Author Comment

by:Simon336697
ID: 34214857
Hi mkline71, thanks so much for your help mate.
That makes perfect sense.

I created 2 new "blank" group policies in the new subdomain, because I wanted to keep it clean.

I was a bit dubious about doing the import option which I knew about because I thought that importing the settings from a group policy that exists in another domain might cause issues.

But you dont see this as a problem mate?
0
 
LVL 1

Author Comment

by:Simon336697
ID: 34214863
The other thing is, when you do an import of all the settings, does this import the account information, eg.if the computer accounts are part of a secuity filter for a gpo, but they dont as yet exist in the new domain, then when you import the settings, they will not be there in the new gpo.
0
 
LVL 1

Author Comment

by:Simon336697
ID: 34228436
Thanks so much mkline, really appreciate it.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34230662
Sorry I didn't respond back, long holiday weekend.  You can use migration tables for some of those group references, not 100% sure on the security filtering though.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question