Re: Default Domain Policy
From: Glenn L (the.only(delete)_at_gmail.com)
Date: 11/14/04
- Next message: Roger Abell [MVP]: "Re: Getting desperate: GPO applying incorrectly, PLEASE HELP ME!!"
- Previous message: Emyeu: "Disable changing IE proxy setting"
- In reply to: JrSnyper: "Re: Default Domain Policy"
- Next in thread: JrSnyper: "Re: Default Domain Policy"
- Reply: JrSnyper: "Re: Default Domain Policy"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 13 Nov 2004 19:52:38 -0800
I don't know if it is documented anywhere.
I know this from experience.
If you look at your default domain controller policy, in the user rights
assignments section, you will see the setting exchange domain prep modified.
It is the "managing audit and security log" user right.
restoring the domain controller policy will take this setting back to
defaults.
Now that you know the setting, you could just add the group back instead of
having domainprep do it.
Infact, you should write all the settings down (or take screen shots) under
user rights assignments and security options sections before you restore.
There may be other settings unique to your environment.
-- Glenn L CCNA, MCSE (2000,2003) + Security "JrSnyper" <JrSnyper@discussions.microsoft.com> wrote in message news:13F34D3F-D9C6-494B-A667-60A2A3C72E77@microsoft.com... >I only need to run the exchange domainprep if I restore default domain > controller policy? And dose any one knwow where this is documented? > > "Glenn L" wrote: > >> You should perform the restore on your PDC. >> W2K, use recreatedefpol.exe download here >> http://download.microsoft.com/download/6/1/8/618ecc9d-2edd-42fe-9a53-7f1971154697/RecreateDefpol.EXE >> W2K3, use DCGPOFIX.exe comes with OS >> >> recreatedefpol will restore both default domain and default domain >> controller policies. >> dcgpofix allows you to do one or the other or both. >> >> You must re-run Exchange "setup.exe /domainprep" if you restore the >> default >> domain controller policy. >> >> Thats it. >> >> Be sure you setup your company password and account lockout policies as >> soon >> as you can after the restore. >> >> -- >> Glenn L >> >> CCNA, MCSE (2000,2003) + Security >> "JrSnyper" <JrSnyper@discussions.microsoft.com> wrote in message >> news:B0CBDAEC-CD65-418E-88BD-D399AA795FF8@microsoft.com... >> >I have a mix Windows 2000/2003 Domain with a mix exchange 2000/2003 >> >setup. >> > I would like to reset my Default Domain Policy back to what windows >> > came >> > with. All of the information I find is for windows 2000 or 2003 but not >> > for >> > both, and non of them say anythig about exchange. >> > >> > >> > Chris >> > The Woodworth Group >> > 20941 East ST. >> > Southfield, MI 48034 >> > >> >> >>
- Next message: Roger Abell [MVP]: "Re: Getting desperate: GPO applying incorrectly, PLEASE HELP ME!!"
- Previous message: Emyeu: "Disable changing IE proxy setting"
- In reply to: JrSnyper: "Re: Default Domain Policy"
- Next in thread: JrSnyper: "Re: Default Domain Policy"
- Reply: JrSnyper: "Re: Default Domain Policy"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
