I have a customer with small links and 1200+ wan sites. Problem I'm having is that without local DC's GPO's aren't applied properly on the workstations on logon, and the workstations are not locked down. The customer is not willing to buy an extra 1200 dc's. Since WAN costs are a bit silly the size of our pipes seem to be fixed as well. I don't really know how to get around this without tatooing the registry for the currently loggon on user, but that wouldn't give me the flexibility needed to achieve complete lockdown either. Any ideas around this?
List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
