GPO Replication to DMZ

  • Thread starter Thread starter David
  • Start date Start date
D

David

Hello all,

I have a machine in my DMZ that has been joined to the
company domain. This will allow internal users to log in
to the system and also allow non-domain users access to
services and files as needed.

The local Policy has 2 settings. One is Current setting,
the other is effective setting. It seems that MS rules
state that the local policy object will only become
effecttive if it syncs with the domian policy at least
once. Then those settings will stay current until you need
to do another update. Is there a way to force the server
to only accept Local Policy Objects so those become
effective settings and not look at the domain policy?

Any help is greatly appreciated.
 
I don't think that will work. From what I know, machine must be able to
communicate with the domain controller in order for any Local Security
Policy changes to be effective to make sure that no domain/OU settings will
override. That has been my experience with my laptops anyhow, and it makes
sense from a security standpoint.--- Steve
 
Back
Top