Hello Meinolf
I have thought of that, however, if there is ever a further change,
then I would have to contact them again. I would like to retain as much
control as I can in the local environment. I also just rebuilt a system to
Win2K, and sucessfully changed the item that I wanted without the previously
mentioned troubles. I have solved my basic problem, but it still is a brute
force method. I would like to arrive at a solution which would allow me to
manage the remote local group policy from one machine.
I am going to (gingerly) attempt the remote LGPO mod on a few more
machines, using the Win2k box, logged in as an administrator on the local
OU. One machine done does not a verified solution make. If this is
successful overall, I will post what I have done, as according to all that I
have read on the net, I should not be able to sucessfully do what I just have
done. Any further comments are welcome.
Thanks
NMITGUY
--
Thank You
"Meinolf Weber" wrote:
> Hello NMITGUY,
>
> If there is the need for changing the server ip address and you are nmot
> allowed to configure it via domain gpo's, contact your higher level admin,
> that he should do the job for you.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm
>
> > Hi Folks;
> > I have the following situation. I am in a local OU in an AD tree.
> > I
> > have administrative control over all local computers, however control
> > of the
> > OU GPO is upstream, and not local. I have a mixture of XPSP2 and
> > Win2KSP4
> > machines (mostly XP, but a reasonable number of Win2K).
> > We recently went through a corporate level change, wherein
> > corporate is
> > no longer supporting SUS, and the prefered solution has become SMS.
> > The
> > local update solution (not my choice) is WSUS, updating from
> > Microsoft, and
> > only approving what corporate approves.
> > I have successfully installed, updated, and done the proper
> > approvals.
> > It is now time to change the URL of the update server XX.XX.XX.Z to
> > XX.XX.XX.Y:NNNN
> > on more than several hundred clients. I have written a script which
> > allows
> > me to see, and open, and modify a remote client's local group policy
> > settings
> > in a gpedit editing session on my local (XPSP2) machine. The group
> > policy
> > that is written back to the client follows the .adm template on my
> > local
> > machine and is (especially for the Win2K machines) incorrect, causing
> > truncation errors when you open gpedit locally on the machine that has
> > been
> > remotely managed (the URL of the update server shows that it has been
> > properly changed when group policies are remotely viewed, regardless
> > of the
> > errors when it accessed locally).
> > I am close to being able to modify this setting remotely from my
> > desk,
> > and yet at the same time a long way from it (the final process must be
> > bullet
> > proof across the client range of OS' (Win2K and XP). I can alter the
> > registry remotely, however, the next time that group policy updates,
> > it would rewrite the old values. I have two versions of the script
> > that allows remote manipulation, one in VBScript, the other a cmd
> > file. Below are the three line contents of the .cmd file
> >
> > @echo off
> > set /p remote="Please enter the IP of the remote computer : "
> > c:\windows\system32\cmd.exe /c gpedit.msc /gpcomputer:"%remote%"
> > P.S.
> > I have tried filtering in my gpedit view so that only properties
> > applicable
> > to Win2K show, but to no avail. I still get truncation errors when
> > opening
> > the group policy on the local computer after a remote edit on the
> > Win2K boxes.
>
>
>
Similar Threads
