G
Grace
Please advice:
I have a small Windows 2000 domain: 200 users, 4 Win2k Servers, 4 Win2k3
servers, 1 Exchange 5.5. I created an OU for Our Computers (had to name it
differently since there already is a Computer container), with Workstations
and Notebooks OUs below, and an OU for User Accounts. I have a Test OU and
TSServer OU since I have a separate policy for TS users (works great BTW).
At the moment, I have 2 policies: one for Our Computers OU - it has a few
registry entries, security related, picked from the policy options, and a
policy for User Accounts OU that locks down users. I don't have
domain-level security policy (passwords, etc.) created yet.
I am ready to implement Windows Update policy w/WSUS server - it works
beautifully in test environment.
I am not sure what's the best way to organize policies. I read somewhere
that it's convenient to create a separate OU for all policies and just link
them to OUs as needed. If yes, how do I disable then delete the current
policies after recreating them for the new OU?
Any pointers/advice from the real world greatly appreciated...
Grace
I have a small Windows 2000 domain: 200 users, 4 Win2k Servers, 4 Win2k3
servers, 1 Exchange 5.5. I created an OU for Our Computers (had to name it
differently since there already is a Computer container), with Workstations
and Notebooks OUs below, and an OU for User Accounts. I have a Test OU and
TSServer OU since I have a separate policy for TS users (works great BTW).
At the moment, I have 2 policies: one for Our Computers OU - it has a few
registry entries, security related, picked from the policy options, and a
policy for User Accounts OU that locks down users. I don't have
domain-level security policy (passwords, etc.) created yet.
I am ready to implement Windows Update policy w/WSUS server - it works
beautifully in test environment.
I am not sure what's the best way to organize policies. I read somewhere
that it's convenient to create a separate OU for all policies and just link
them to OUs as needed. If yes, how do I disable then delete the current
policies after recreating them for the new OU?
Any pointers/advice from the real world greatly appreciated...
Grace