ALL >> System-Network-Administration >> View Article
How Group Policy Is Applieda
Because nonlocal GPOs are applied hierarchically, the Security+ benefits user or computer's configuration is a result of GPOs applied to its site, domain, and OU. Group Policy settings are applied in the following order:
1.Local GPO. Each computer running Windows Server 2003 has exactly one GPO stored locally.
2.Site GPOs. Any GPOs that have been linked to the site are applied next. GPO application is synchronous; the administrator specifies the order of GPOs linked to a site.
3.Domain GPOs. Multiple domain-linked GPOs are applied synchronously; the administrator specifies the order of GPOs linked to a domain.
4.OU GPOs. GPOs linked to the OU highest in the Active Directory hierarchy are applied first, followed by GPOs linked to its child OU, and so on. Finally, the GPOs linked to the OU that contains the user or computer are applied. At the level of each OU in the Active Directory hierarchy, one, many, or no GPOs can be linked. If several group policies are linked to an OU, then they are applied synchronously in an order specified by the administrator.
...
... This order means that the local GPO is applied first, and GPOs linked to the OU of which the computer or user is a direct member are applied last, overwriting the earlier GPOs. For example, you set up a domain comptia security certification to allow any user to log on interactively. However, an OU GPO, set up for the domain controller, prevents everyone from logging on except for certain administrative groups.
The following interactive logon tasks are supported across forests: applying Group Policy to user or computer objects across forests, and applying loopback processing across forests. This is a new feature of the Windows Server 2003 family.
If there is a conflict between the computer configuration settings and the user config-uration settings, the user configuration settings are applied because the user settings are more specific.
Using Security Groups to Filter GPO Scope
By now you've learned that you can link a non-local GPO to a site, domain, or OU. However, you might need to apply GPOs only to certain groups. Although you cannot directly link a GPO to a security group, there is a way to apply GPOs to specific security groups. The policies in a nonlocal GPO apply only to users who have Read and Apply Group Policy permissions for the GPO set to Allow. Therefore, by setting the appropriate permissions for security groups, you can filter Group Policy to influence only the computers and users you specify. Note that the Apply Group Policy permission is not available for the local GPO. For more information on filtering GPO scope by using Network+ certification security groups, refer to Lesson 3.
Add Comment
System/Network Administration Articles
1. Fiber Fused Biconical Taper Systems And Fiber Cable Cutting Machine PotentialAuthor: Ryan
2. Understanding Polarization Maintaining Fiber Rotation Systems And Their Applications
Author: Ryan
3. Cat6a Patch Cable: The Best Preference For Comprehensive Cabling
Author: Ryan
4. A Brief Idea About The Mtp/mpo Cables And Their Use
Author: Ryan
5. 5 Reasons Why A Smart Bus Ticketing System Is The Future Of Public Transport
Author: Limon
6. How To Implement Technology In Your Inbound Call Center?
Author: DialDesk
7. How To Choose An Enterprise Help Desk It Support Company
Author: Entrust Network Services
8. Cost-effective Network Solutions For Offices In Singapore
Author: Entrust Network Services
9. Choosing Between Uv Light And Heat Ovens For Superior Performance
Author: James
10. The Right Tools And The Right Radius Are Vital In A Fiber Optic Polishing Process
Author: James
11. Lc And Sc Connectors Explained: Which Fiber Connection Is Right For You?
Author: James
12. A Closer Look At Armored Fiber Patch Cables
Author: James
13. The Essential Guide To Fiber Connectors: Sc, Fc, Lc, And St Explained
Author: Ryan
14. Wireless Network Setup Solutions For Offices By Entrust Network
Author: Entrust Network Services
15. Pcb Manufacturing: Understanding The Burn-in Test Process
Author: Ryan