Re: Group Policy Delegation
- From: "Mr Happy" <cdollar@xxxxxxxxx>
- Date: 5 Jan 2007 13:19:58 -0800
"Please let me know the detail purpose of your action."
I trying to I am trying to control the local windows firewall on the
workstations. Enabling certain ports to be opened and specific
programs to be disabled.
I double checked my settings and tried a different approach. I added
the computer name to the deligation list then added the Apply Group
Policy check for it alone.
It worked!
I tried once more to apply the policy to Authenticated users and
brought down the entire corporation. (oops)
After removing the policy and enabling the company to work, I checked
the Domain controller firewall. It is dissabled, because a alternate
firewall is being used by the server. I enabled it for a second and
found the same problem as in having the policy enabled, So I added the
server to the list and denied the right to Apply Group Policy for the
Firewall GPo. When I enabled the policy for Authenticated users it
worked properly.
I guess my question is this...
Is it considered "Standard Policy" to remove the Domain Servers and/or
Administrative accounts from All policies in general or policies like a
firewall policy?
.
- Follow-Ups:
- Re: Group Policy Delegation
- From: Terence Liu [MSFT]
- Re: Group Policy Delegation
- Prev by Date: Re: Setting up new SBS
- Next by Date: How do i restrict users from logging in to a PC
- Previous by thread: Re: 2nd modem not detected in Fax service
- Next by thread: Re: Group Policy Delegation
- Index(es):
Relevant Pages
|
