Link to home
Start Free TrialLog in
Avatar of Craig Paulsen
Craig PaulsenFlag for New Zealand

asked on

Active Directory - Group Policy=Enforced-NO

Team, Can you good folk please give me an easy explanation that I can convey to a one the technical consultants for my client, what the "NO" in enforced actually entails (see attached), we know that this policy applies to all users in an OU called TIER 1 and is working
Many thanks
GPO-Enformed-NO.jpg
Avatar of Joseph Hornsey
Joseph Hornsey
Flag of United States of America image

The default behavior of a GPO is to apply its settings.  Those settings are propagated down the hierarchy like NTFS permissions are.

However, you can block inheritance of a GPO which keeps settings from the parent from being applied.

The "Enforced" option tells the GPO to override that block and apply the settings anyway.

It is Microsoft's best practice to limit the use of overrides and blocks as much as possible.
Here's a good explanation of managing GP scope:

https://technet.microsoft.com/en-us/library/cc772166.aspx
Avatar of Craig Paulsen

ASKER

Thanks Joseph, so I'm my case enforced is set to no, but the policy is still applying, even I'm struggling to grasp this, let alone explain to another person
ASKER CERTIFIED SOLUTION
Avatar of Joseph Hornsey
Joseph Hornsey
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thanks mate, appreciate the time taken to detail that
Thanks heaps mate
My pleasure!

Like I said, that stuff can get pretty convoluted pretty quickly.

Glad I could be of help!