applying security template

A

AP

I am deploying group policy to my AD. As my boss would
like me to import some "group policy template" but I find
nothing. Is there any "group policy template" for
download or already embeded?

I can only find some embeded "security template" and
would like to apply the highest security template for dc
and workstations. I am confused that where should the dc
template apply and where should the workstation template
apply...? Should I apply the dc template on the "domain
controller security policy" or the "domain security
policy" or the "local security policy"? And how's
the "workstation template" apply to? to the "group
policy" under "Active Directory Users and Computers"?
I have no idea, please help...
 
C

Curtis Clay III [MSFT]

Hello AP,
I strongly suggest you test any template you apply to your domain before
putting it into production. Here is more information on how best to
accomplish this.

216735 Methods Used to Apply Security Settings Throughout an Enterprise
http://support.microsoft.com/?id=216735

321679 HOW TO: Manage Security Templates in Windows 2000 Server
http://support.microsoft.com/?id=321679

309689 HOW TO: Apply Predefined Security Templates in Windows 2000
http://support.microsoft.com/?id=309689

This posting is provided "AS IS" with no warranties, and confers no rights.
 
S

Steven L Umbach

You can access and view templates using mmc in the run box and selecting security
templates. You can also add the Security Configuration and Analysis tool there to
compare your current settings to those in a template and help create custom ones. Do
NOT rush to add any templates as you could shut your network down or prevent users
from logging on or changing passwords. Changes to security policy need to be planned
ahead of time and documented and a lot depends on if you have "downlevel" clients. In
general security changes for domain controllers should be applied to the Domain
Controller Security policy level and workstation computers can be configured at any
level, but it is easiest to manage at the domain or Organizational Unit level. Be
sure to test changes ahead of time and have a fallback plan. Read the Windows 2000
Security Hardening Guide for specific information on security settings and the
ramifications of such changes. It is available in the link below. --- Steve

http://www.infosec.uga.edu/windows.html
http://support.microsoft.com/?kbid=309689
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

how to remove security policy template that was once applied 1
domain security policy 6
Applying Custom Security Templates with GPOs 3
Group Policy template add/remove template 1
Security event log exceeds configured size limit 0
Group Policy 1
Domain Security Policy 2
Undoing Security Policy 3

Top