+1. I've seen this pivot in highly regulated environments where the GPO affects a controlled asset/system then it's much more rigid.
Thanks, Brian Desmond [email protected]<mailto:[email protected]> w - 312.625.1438 | c - 312.731.3132 From: [email protected] [mailto:[email protected]] On Behalf Of William Robbins Sent: Friday, September 20, 2013 10:08 PM To: [email protected] Subject: Re: [NTSysADM] Change control....GPO Most of the environments I've worked in treat GPO's depending on level of impact. Domain-wide, go to Change Control processes. OU level required manager for that OU's sign off. GPO's making maintenance changes with low risk are treated the same as user account creation. HD Ticket or similar to track request and work. - WJR On Fri, Sep 20, 2013 at 9:55 PM, David Lum <[email protected]<mailto:[email protected]>> wrote: For you guys with a pretty well defined change control process - are incremental GPO changes (in this case we have a GPO that controls IE's trusted sites, I want to add enable auto logon with current credentials for sites in trusted sites) reviewed by people before the change? I'm thinking in larger environments it might be submitted by one person, reviewed and approved by another but not necessarily held until a formal change request meeting is convened? Normally I'd just whip this change out, but I need to think about the accountability process in general. David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229<tel:503.548.5229>
