[gptalk] Re: General question about Machine and User Policy

  • From: "Alan & Margaret" <syspro@xxxxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Thu, 19 Apr 2007 00:11:08 +1000

Hi Martin,

 

Your statement "if I apply a user policy in a machine OU, it would apply to
every user that logged on to a machine in that OU " is not normally correct
. If you enable User policies in an OU that only contains machines, then it
has no effect at all.

 

When you enable a User policy, it is only applied to Users in that OU.
Similarly, if you enable a Machine policy in an OU it only applies to
Machines in that OU.

 

Of course, if you enable loopback processing, then the User will pick up the
User policies from the machine OU:- 

No LoopBack means the user gets the user polices in his OU only

LoopBack=Merge means the user gets the user polices in his OU followed by
the user policies in the machine OU

LoopBack=replace means the user gets the user polices in the machine OU only

(Hope this hasn't confused you.)

Alan Cuthbertson

 

 Policy Management Software:-

http://www.sysprosoft.com/index.php?ref=activedir
<http://www.sysprosoft.com/index.php?ref=activedir&f=pol_summary.shtml>
&f=pol_summary.shtml

 

ADM Template Editor:-

http://www.sysprosoft.com/index.php?ref=activedir
<http://www.sysprosoft.com/index.php?ref=activedir&f=adm_summary.shtml>
&f=adm_summary.shtml

 

Policy Log Reporter(Free)

http://www.sysprosoft.com/index.php?ref=activedir
<http://www.sysprosoft.com/index.php?ref=activedir&f=policyreporter.shtml>
&f=policyreporter.shtml

 

 

 

  _____  

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Martin Hugo
Sent: Wednesday, 18 April 2007 10:13 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: General question about Machine and User Policy

 

Thanks for the responses everyone.  Reason I asked is because it seemed to
me that if I apply a user policy in a machine OU, it would apply to every
user that logged on to a machine in that OU.  Then it ocurred to me that if
a user whose own policy (from their user OU) is at odds with the machine's,
which would win.

Anyway, seems it depends on the ADM itself.

Martin T. Hugo
Network Administrator
Hilliard City Schools
Tel: 614-921-7102
Martin_Hugo@xxxxxxxx

gptalk@xxxxxxxxxxxxx writes:
Machine Policy, for sure...
 
Regds,
LP

Martin Hugo <Martin_Hugo@xxxxxxxx> wrote:

  
Hello,

Just a general question; if a user policy and a machine policy are at odds,
who wins?

Martin T. Hugo
Network Administrator
Hilliard City Schools
Tel: 614-921-7102
Martin_Hugo@xxxxxxxx





   


  _____  

Yahoo! Mail is the world's favourite email. Don't settle for less, sign up
for your free account today.

Other related posts: