About WinServer2008 and Group Policy

Discussion in 'Windows Server Forums' started by Fahad Ahmed, Aug 12, 2012.

  1. Fahad Ahmed

    Fahad Ahmed New Member

    Joined:
    Aug 12, 2012
    Messages:
    20
    Likes Received:
    0
    Hi ,

    I have a question about WinServer2008 and Group Policies,I wanted to know that when we want to apply group policy on a some domain users, do we simply have to add the domain users into OU 1st and then apply Group Policy on them?

    I hope I am clear

    Thanks
     
  2. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    The Domain Member (whether that be a user or computer), once placed into a Domain OU, will have that group policy applied at login. The Group Policy is applied to domain users and computers in the following order (L, S, D, Ou) assuming "no exceptions".
    Order of processing settings: Group Policy
     
  3. Fahad Ahmed

    Fahad Ahmed New Member

    Joined:
    Aug 12, 2012
    Messages:
    20
    Likes Received:
    0
    Hi

    So can the group policy be changed later for domain users?

    Thanks
     
    #3 Fahad Ahmed, Aug 13, 2012
    Last edited: Aug 13, 2012
  4. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Sure. Just remember that "domain users" is a very general term and they are subject to both the Default Domain Policy and to some extent the Default Domain Controller Policy. And then to any specific GPO (customized Admin Template, .adm, .admx) that may be unique to their particular OU container. As far as I know any GPO can be edited at any time.
    If you are just learning just make sure you understand the cascading nature of how GPOs are applied (Local, Site, Domain and then OU last) and that they impact both domain users as well as domain computers.
    And consider using tools like RSoP and GPResult (Google.... many tutorials, and videos) to help you better understand what's happening and expose problems regarding conflicting or contradictory GPOs.
     

Share This Page

Loading...