James HaynesMemberApr 23, 2013 at 7:28 am #161405
these days i dont maintain a singular network. i am a contract worker that manages networks on a per call basis, so my involvement with the setup of these pre-existing is nil.
my latest project is for a small skool. they have a few servers: 2 DCs, a smoothwall (that i installed), a web/app/print server, and about 60 clients. the network has been piece-mealed and each tech has come and done what they thought was right…
they have now contracted me to redefine their policies. they have policies that are not in use anymore, like when they transitioned from norton to kapersky and two office policies: one for 2003, one for 2010…
so long story long, their GPMC looks crazy to me. i have managed larger networks (upwards of a thousand people and 4000 devices) and my ‘group policy objects’ screen never looked like this:
so i am trying to not make a big stink and cause any problems with what is working (as it is FCAT time) while at the same time working on smoothing things out.
and no, the last 4 techs are not available for questions or comments… and one of them loved some vb script so i need to ‘dumb-it-down’ for the scripturally challenged like myself.
what i am thinking, is that i will create a new set of policies and assign them to a security group that only has test members, then when i have them set up correctly i redefine the scope to include the real users.
i have read How to manually create Default Domain GPO and am thinking that i will apply the same theory to the new policy. instead of changing the GUID in the sysvol in the order presented in the kb, i would hold off till things are working and after verifying things work, then i would change the GUID…
am i even on the right track? ive never been asked to undertake a project like this and needed some input from you guys.
You must be logged in to reply to this topic.