Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 3105 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Propogate Policies down AD tree

kenclarke

Hello

We have Enterprise Console syncronized with Active Direcotory and just like Group Policy in AD we would like to apply certain policies high up in the tree and propogate these down into the different OUs.

There doesn't seem to be an option when editing the group policy details in Enterprise Console to apply the policy on all sub groups. Is there a way to do this?

:14127


This thread was automatically locked due to age.
Parents
  • 0

    If you are using Synchronize with AD the "syncpoints" are the groups (one or more) with the "green folder with clock" symbol (the "green folder with lock" are the subgroups which you can assign different policies to but otherwise not modify). Right clicking you can view the synchronized AD container and view/change interval and automatic protection.

    Modifying my example let's assume OU1 and OU2 are under TopOU and right now this is the one sync'ed at the OldTree syncpoint. I suggest you remove the synchronization in OldTree, create the group NewTree with subgroups OU1.A and OU2.B and sync these with OU1 and OU2 respectively. The other option is to re-use the structure left behind after removing the syncpoint. Delete all groups under OU1 and OU2 (this is important), apply the desired policies to OU1 and OU2 and re-sync group OU1 with OU=OU1,OU=TopOU,.... and OU2 with OU=OU2,....

    Christian

    :14345
Reply
  • 0

    If you are using Synchronize with AD the "syncpoints" are the groups (one or more) with the "green folder with clock" symbol (the "green folder with lock" are the subgroups which you can assign different policies to but otherwise not modify). Right clicking you can view the synchronized AD container and view/change interval and automatic protection.

    Modifying my example let's assume OU1 and OU2 are under TopOU and right now this is the one sync'ed at the OldTree syncpoint. I suggest you remove the synchronization in OldTree, create the group NewTree with subgroups OU1.A and OU2.B and sync these with OU1 and OU2 respectively. The other option is to re-use the structure left behind after removing the syncpoint. Delete all groups under OU1 and OU2 (this is important), apply the desired policies to OU1 and OU2 and re-sync group OU1 with OU=OU1,OU=TopOU,.... and OU2 with OU=OU2,....

    Christian

    :14345
Children
No Data