So, I got an idea. Everybody, who can drop pings, or SMB commutations, from his local machine to DC can prevent GPO updates! User can use IPSec policy (sic!) to do it :-) So, Laura right :-) And I'm wrong :-(
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
