I am trying to implement this as it is not built into the FSMO transfer for whatever reason...
But when it comes to creating or messing with existing GPOs attached to the Domain Controllers OU, I am a bit trepidatious. Perhaps I am being overly cautious. In any case, what are the best practices for interacting with the Domain Controllers OU?
For example, in implementing the above link, should I attach this WMI filter to the default domain controllers GPO that is already attached to the domain controllers OU, or should I create a new GPO just for the purposes of this (As the article seems to do in its scenario)? Then attach that GPO to the domain controllers OU and attach the WMI filter to the newly created GPO? What are the ramifications of doing this?
As with most networks, they are inherited from one IT person to the next, I am unsure of all of the modification done to the current domain controllers GPO so I am wondering what creating a new GPO at the same level would do in terms of possible conflicting settings and taking precedence?
My opinion is that I should simply attach this WMI filter to the pre-existing domain controllers GPO, but am wondering if this is not a good idea?
I am just trying to avoid messing things up and mitigating complexity as much as possible, if it is not required.