troubleshooting Question

GPO Best Practices

Avatar of LockDown32
LockDown32Flag for United States of America asked on
Active Directory
6 Comments1 Solution94 ViewsLast Modified:
Looking for some "standards" or "Best Practices". I have been told to never edit the Default Domain or Default Controller Policies. Is that really "Best Practices"?

So as a general rule (and I know there are exceptions) most policies should be linked to either the Computer OU or the User OU depending on what the policy does?

Do you try and stay away from writing a new policy for every tiny setting and do something like make a generic "MyCompany Workstation Policy" and "MyCompany User Policy" and keep as many applicable settings in as few polices as possible?
Adam Brown
Cloud Security Consultant

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Top Expert 2010

The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.

Join our community to see this answer!
Unlock 1 Answer and 6 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 6 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros