I am the GPO administrator and I can change the IPSEC stuff, I'm just not able to import the .ipsec file in the security area. I was just trying to figure out if you were able to conduct that type of import on a GPO or if that only works on local workstations (which doesn't make sense) or the guy who set up my permissions may have just made a mistake when he granted me the admin rights to the GPO.
I guess I can ask the admin to recheck my privileges on the GPO to ensure that he has me set with the IPSEC part, but that doesn't seem that plausible of an option considering he said that he granted my privileges using the delegate administration feature.
Is there a big difference between using the .ipsec file instead of the .inf file?
Thanks,
chuck
Darren Mar-Elia wrote:
Charles- When you say you're importing IPSEC, I assume this means you have an .inf file that you've created that you importing into an OU-linked GPO? The ability to make changes to a GPO are governed by the permissions on the GPO object itself, which is not stored in the OU but rather under the System\Policies container in your domain (and also in SYSVOL). If you view the permissions on the GPO object itself, you should be able to see if you have modify rights on that GPO. If you don't, you'll need to get the owner of that GPO to grant you those rights explicitly for that GPO.
Darren
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charles Carerros Sent: Thursday, April 15, 2004 6:49 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Importing IPSEC Policies into an OU
Hey all,
This might seem kinda odd and maybe I'm just doing something wrong.
But I tried to import an IPSEC policy (that basically just does port blocking) into and AD but I keep getting rejected due to permissions (apparently).
Now I don't have Domain Admin rights to the domain, however I have been delegated complete authority to the OU that I'm working in. Does anyone know if there are additional issues dealing with the importing of IPSec policies at OU levels that I might be missing?
Thanks,
Chuck
-- Charles D. Carerros Systems Administrator Information Technology Office College of Letters and Science University of Wisconsin -- Milwaukee [EMAIL PROTECTED]
List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
-- Charles D. Carerros Systems Administrator Information Technology Office College of Letters and Science University of Wisconsin -- Milwaukee [EMAIL PROTECTED]
List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
