Most people use a naming convention to have the list sorted, and this tends to "group" the GPOs.
What sorts of things are you imagining for grouping? Cheers Ken From: tony patton [mailto:[email protected]] Sent: Thursday, 6 August 2009 4:02 PM To: NT System Admin Issues Subject: Re: GPO for a single user I'd just be happy with a way to organise GPOs and WMI Filters, instead of a big flat messy list of both. It would be nice to have them grouped in some logical fashion. Regards Tony Patton Desktop Operations Cavan Ext 8078 Direct Dial 049 435 2878 email: [email protected]<mailto:[email protected]> Ben Scott <[email protected]<mailto:[email protected]>> 05/08/2009 18:14 Please respond to "NT System Admin Issues" <[email protected]<mailto:[email protected]>> To "NT System Admin Issues" <[email protected]<mailto:[email protected]>> cc Subject Re: GPO for a single user On Wed, Aug 5, 2009 at 1:02 AM, Ken Schaefer<[email protected]<mailto:[email protected]>> wrote: > Sorry, but I'm failing to see why this particular feature request > is one that should go in, but inevitable requests for additional > extensions to the functionality should not :-) Because I said so, of course. ;-) To me, it's a combination of the zero-one-infinity rule, and a more fuzzy concept that I'm finding hard to articulate, but has something to do with the fact that it makes sense to be able to apply things individually or in groups. We already have a mechanism for groups, but nothing for individuals (except a degenerate case of groups). I guess I'm thinking along the lines of HKCU vs HKLM registry settings, or /etc/profile vs $HOME/.profile for the Unix shell, etc. Like I said, I'm having trouble articulating this, but I'm pretty sure there's a difference. (I have a reason. Just give me a minute to think of one. ;-) ) Come to think of it, it probabbly would have made more conceptual sense for the design to have GPO application be driven by groups to begin with, with OUs being irrelevant for GPOs. We end up applying GPOs based on group membership a lot anyway, so why not just make that how it works? (I realize that may have been a performance issue, or a code maintenance issue due to all the crufty old NTLM code that still's around. I also realize this is 20/20 hindsight.) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
