Security Basics mailing list archives
Re: AD Policy audit tool for Windows 2000
From: Raoul Armfield <armfield () amnh org>
Date: Thu, 25 May 2006 12:15:29 -0400
Ramsdell, Scott wrote:
Koolk3, You want the "Group Policy Management" snap-in from Microsoft. Should work on 2000 as well as 2003. The tool shows you what settings each GPO sets. It doesn't, to my knowledge, provide a diff from an original install, so it isn't "ideal". However, you can easily get a default install config with a stand alone box and "dcpromo.exe" ;)
What we did was create an new Default domain policy and a new Default domain controller policy and use those to write our policies. This way if we ever need to go back to the default we can simply link the originals back and voila.
Raoul -- Raoul Armfield rarmfield at amnh dot org
Current thread:
- AD Policy audit tool for Windows 2000 Koolk3 (May 24)
- Re: AD Policy audit tool for Windows 2000 Saqib Ali (May 25)
- Re: AD Policy audit tool for Windows 2000 Koolk3 (May 25)
- Re: AD Policy audit tool for Windows 2000 Koolk3 (May 25)
- RE: AD Policy audit tool for Windows 2000 Roger A. Grimes (May 29)
- Re: AD Policy audit tool for Windows 2000 Rob McComber (May 29)
- Re: AD Policy audit tool for Windows 2000 Koolk3 (May 25)
- <Possible follow-ups>
- RE: AD Policy audit tool for Windows 2000 Ramsdell, Scott (May 25)
- Re: AD Policy audit tool for Windows 2000 Raoul Armfield (May 29)
- RE: AD Policy audit tool for Windows 2000 Crawley, Jim (May 29)
- Re: AD Policy audit tool for Windows 2000 Koolk3 (May 31)