Bayt.com

Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

What if my USER level group policy conflict with MACHINE level group policy, which policy will got domination ?

<p>If MACHINE level policy conflict with USER level policy, what will be the result ?Say for example many different users login from a machine that has a specific GPO applied and users logged on that machine has own GPO, which one will be applied and dominated, i am asking for the priority of GPO ?</p>

Windows Server 2008 Group Policy Active Directory
user-image
Question ajoutée par Hayat Mohammad Niazi , Senior IT Consultant , Creative Networks
Date de publication: 2014/12/02
Apprécier (0) Vues (24) Suiveurs (7) Réponses (7) Report Question
Ajoutez Une Réponse
Inscrivez-vous ou connectez-vous pour répondre.
Ashish Awasthi
par Ashish Awasthi , System Administrator , Layton IT Services Pvt Ltd.

When a User Level Policy conflicts with the Computer Level Policy then computer level policy always wins.

Mohammed Abdul Samad
par Mohammed Abdul Samad , System Administrator , Dar Al Yaum Media House

 

Group Policy processing and precedence order of processing settings are below.

 

•Local

 

•Site

 

•Domain

 

•Organizational Unit.

 

More info you can see below link,

 

http://technet.microsoft.com/en-us/library/cc785665(v=ws.10).aspx

 

Three special cases deserve consideration during migration:

 

◦ If the computer account object is in a Windows NT4.0 domain and the user account object is in Active Directory, System Policy for the computer only (not user) is processed when the user logs on. Then, user (not computer) Group Policy is processed.

 

◦ If the computer account object is in Active Directory and the user account object is in a Windows NT4.0 domain, computer (not user) Group Policy is processed during computer startup. When the user logs on, System Policy for the user (not computer) is processed.

 

◦ If the computer and user accounts of the computer are members of a Windows NT4.0 domain, only System Policy (not Group Policy) for the computer and user is applied when the user logs on.

 

sreenivasulu puli
par sreenivasulu puli , Technical Lead L3 on Windows and Vmware Administration , techmahindra

Computer settings will have high presidency over user settings always.

Mohamed Rashad
par Mohamed Rashad , Technical Operation Owner , Orange Business Services

Computer settings will override user settings

Syed Asgar Mahmood Zaidi
par Syed Asgar Mahmood Zaidi , Senior System Engineer , Royal Hospital

Computer configuration settings apply to computers, User configuration settings apply to users. If set in conflicting manner user settings will take precedence . If you use "Loopback" mechanism computer settings can replace user settings. Group Policy Applying Order Precedence GPOs are applied Site =>Domain => OU => Sub OU=> Computer configuration => then user configuration http://technet.microsoft.com/en-gb/library/cc785665(v=ws.10).aspx

Qazzafi Ashraf
par Qazzafi Ashraf , IT Network Manager , Oxford University Press, Pakistan

Here are the complete understanding for the GPO related precedence

 

http://technet.microsoft.com/en-us/library/cc785665(v=ws.10).aspx

 

http://blogs.technet.com/b/musings_of_a_technical_tam/archive/2012/02/15/understanding-the-structure-of-a-group-policy-object-part-2.aspx

 

However i always put GPO on either user or computer base and disabled other (for instance if i need to put any policy on user base i used to disabled computer base) depending on the need so no conflict can be arise during implementation.

Utilisateur supprimé
par Utilisateur supprimé

User Level Policy will take place

Ecrivez Votre Réponse
More Questions Like This