Personally, instead of blocking the default domain policy I
would create seperate policy objects with the settings that I wanted
filtered/blocked. But your "set policies on each domain" leads me to
believe that there are multiple domains in the forest involved here?
Domains by their nature have different security policies.
//SIGNED//
------------------------------------------------
David J. Perdue
Network Security Engineer, InDyne Inc
Comm: (805) 606-4597 DSN: 276-4597
------------------------------------------------
David J. Perdue
Network Security Engineer, InDyne Inc
Comm: (805) 606-4597 DSN: 276-4597
------------------------------------------------
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cflesher
Sent: Monday, February 14, 2005 09:05 AM
To: [email protected]
Subject: [ActiveDir] override default domain policy
I was in a meeting
last week and the issue came up if it is possible to override the default domain
policy and set policies on each domain. I always understood that you couldn't do
this. But if you block inheritance and apply another policy on an OU, what
happens? Furthermore is supposed to happen if the default domain policy is
disabled?
I'm going to test
this, but it would be nice to hear from the experts. I did look back in the
archives for this list, but it seemed like there was mixed feelings on the
possiblities.
Thanks.
Chris Flesher
The University of Chicago
NSIT/DCS
(773)-834-8477
