The issue you'll run into is that the computer GPO and user GPO settings aren't identical - there is some overlap but not significant enough to be able to exclusively use one or the other.
-------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. > -----Original Message----- > From: Charles Carerros [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 30, 2003 5:49 PM > To: [EMAIL PROTECTED] > Subject: [ActiveDir] GPO Question > > > Hey all, > > For the past few years I have been doing my GPOs primarily based up on > the user settings. (We don't have a firewall on my campus so by > disabling a lot of stuff using the security portion of the user GPO I > can help reduce the security risk.) However, I have just > been asked to > only use computer based GPOs (a migration scheme will leave > me no access > to user accounts). > > 1) I was wondering if anyone has any suggestion (pro or con) to doing > only computer based policies? > > 2) Are there any really good documents that might help clarify the > process by which loopback (and troubleshooting loopback) is > utilized? I > will probably need to implement this in order to have a good policy. > > 3) Does anyone here only do computer based policies? What is your > experience with them? > > I am going to re-read the Microsoft Group Policy white paper tonight, > but if anyone knows of any additional documentation that is related to > this and might discuss the issues (negative or positive) > about this type > of organization scheme, it would be tremendously helpful. > > Just for a little more background, if I end up implementing the scheme > that was suggested to me today it would consist of a five level OU > structure with 1 OU at 1 tier, 1 OU at 2 tier, 35 OUs at 3 tier, 4 OUs > at 4 tier and 2 OUs at 5 tier (not all of the 4th tier OUs will have a > fifth, only about 40% of them.) > > Does anyone have any feedback of having a five level nested OU > structure. I would like to maintain my current 3 tier OU > structure, but > I need some technical ammo to defend my structure with. > > Thanks, > > Chuck > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
