Since GPOs are essentially registry entries, it might be somewhat easy to implement a simple program that could give admins that fine-grain control that is missing from NT4-style .pol files.
What I would like to propose is a simple Win32 executable that could read from an encrypted text file (so the end-user can't change the entries) and stick those into the registry via logon scripting. I'm not one of those people that say "OK, here's an idea now someone make it," I'm perfectly willing and able to contribute.
My questions for this are:
- Am I barking up the wrong tree? Is there already another workaround? - Would anyone out there actually use it? - Is it truly practical?
Any advice on this from the community will be greatly appreciated.
-- Erich Vinson Chief of Technology TRG, Inc. ------------------------------------------------------------------------ 64 6F 6E 27 74 20 66 65 61 72 20 74 68 65 20 70 65 6E 67 75 69 6E
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
