I've done this, it was a bad idea. Group Policy should be applied during the automated domain join.
Daniel Wolf From: [email protected] [mailto:[email protected]] On Behalf Of Ramirez, Christopher Sent: Thursday, February 11, 2016 2:59 PM To: [email protected] Subject: [MDT-OSD] Adding GPO to reference image Security has asked me about hardening our base image by adding our AD GPO settings to the reference WIM file. I think this is unnecessary as GPO comes down as soon as the device is joined to the domain during the SCCM TS. I was unable to find any articles discussing this approach. Anyone have thoughts on why adding the same GPO's applied by AD locally to the reference image is a good or bad idea? Christopher Ramirez CHRISTUS Health AI Client Device Engineer II - Team Lead (210) 703 - 2981 CONFIDENTIALITY NOTICE: Confidential information, such as identifiable patient health information or business information, is subject to protection under state and federal law. If you are not the intended recipient of this message, you may not disclose, print, copy or disseminate this information. If you have received this in error, please reply and notify the sender (only) and delete the message. Unauthorized interception of this e-mail is a violation of federal criminal law.
