On Tue, Feb 10, 2009 at 8:37 AM, Kennedy, Jim <[email protected]> wrote: > Got ya. I can see how that is causing you trouble, but that I stick with my > original answer that it is working as intended. You the Sys Admin decide > what sites are trusted when you push out the GPO not the user. That > is/should be the point of GPO's, you set them so they can't mess them up.
The Right Thing to do would be to offer separate options in the GPO to determine whether users can add their own sites, and/or whether the admin-defined site list used to add-to or replace whatever is there. This way, admins are limited to doing things a certain way. Great if that way matches up with the way you want, bad otherwise. Infrastructure should provide mechanisms which you can use to enforce your policies. It should not make your policy decisions for you. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
