Windows 2003 Domain Security

We just moved to Windows 2003 from an NT 4.0 domain. Under NT 4.0 there was
a "Domain Security Policy" node under "Administrative Tools". Now there is
only "Local Security Policy". What happned to "Domain Security Policy"
under Windows 2003? How do you now configure Domain Security Policies?

Thanks for any help.


Clayton

I found it! It's now part of a GPO: "Default Domain Policy".


Clayton



"Clayton Sutton" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> We just moved to Windows 2003 from an NT 4.0 domain. Under NT 4.0 there
> was a "Domain Security Policy" node under "Administrative Tools". Now
> there is only "Local Security Policy". What happned to "Domain Security
> Policy" under Windows 2003? How do you now configure Domain Security
> Policies?
>
> Thanks for any help.
>
>
> Clayton
>

You are best off not modifying the
Default Domain Policy
or the
Default Domain Controller Policy
You can define more GPOs and link them to the
domain, the Domain Controllers OU, or any other OU
(or sites if of use to you)
Group Policy is very powerful, and also has some
shortcomings. Walk softly while learning it.
I would suggest always using a new GPO linked to
an OU where you test new settings before making those
policy settings in a more broadly applied GPO.
Visit
www.microsoft.com/gp
and the newsgroup for GP is
microsoft.public.windows.group_policy

--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"Clayton Sutton" <(E-Mail Removed)> wrote in message
news:eF0CF$(E-Mail Removed)...
> I found it! It's now part of a GPO: "Default Domain Policy".
>
>
> Clayton
>
>
>
> "Clayton Sutton" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
> > We just moved to Windows 2003 from an NT 4.0 domain. Under NT 4.0 there
> > was a "Domain Security Policy" node under "Administrative Tools". Now
> > there is only "Local Security Policy". What happned to "Domain Security
> > Policy" under Windows 2003? How do you now configure Domain Security
> > Policies?
> >
> > Thanks for any help.
> >
> >
> > Clayton
> >
>
>

Thank you for your input Roger. I will take it to hart!


Clayton



"Roger Abell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> You are best off not modifying the
> Default Domain Policy
> or the
> Default Domain Controller Policy
> You can define more GPOs and link them to the
> domain, the Domain Controllers OU, or any other OU
> (or sites if of use to you)
> Group Policy is very powerful, and also has some
> shortcomings. Walk softly while learning it.
> I would suggest always using a new GPO linked to
> an OU where you test new settings before making those
> policy settings in a more broadly applied GPO.
> Visit
> www.microsoft.com/gp
> and the newsgroup for GP is
> microsoft.public.windows.group_policy
>
> --
> Roger Abell
> Microsoft MVP (Windows Security)
> MCSE (W2k3,W2k,Nt4) MCDBA
> "Clayton Sutton" <(E-Mail Removed)> wrote in message
> news:eF0CF$(E-Mail Removed)...
>> I found it! It's now part of a GPO: "Default Domain Policy".
>>
>>
>> Clayton
>>
>>
>>
>> "Clayton Sutton" <(E-Mail Removed)> wrote in message
>> news:%(E-Mail Removed)...
>> > We just moved to Windows 2003 from an NT 4.0 domain. Under NT 4.0
>> > there
>> > was a "Domain Security Policy" node under "Administrative Tools". Now
>> > there is only "Local Security Policy". What happned to "Domain
>> > Security
>> > Policy" under Windows 2003? How do you now configure Domain Security
>> > Policies?
>> >
>> > Thanks for any help.
>> >
>> >
>> > Clayton
>> >
>>
>>
>
>