Archived from groups: microsoft.public.win2000.group_policy (
More info?)
You have been very helpfull
Thanks and have a nice weekend
/Philip
>-----Original Message-----
>It is puzzling how those settings were made.
>
>I don't know of any books but there is an article that
gives the default
>gpttmpl.inf file for the Default Domain Policy.
> 226243 How to reset security settings in the default
Domain GPO in
>Windows 2000
>
http://support.microsoft.com/?id=226243
>
>--
>Gary Mudgett, MCSE, MCSA
>Windows 2000/2003 Directory Services
>
>=====================================================
>When responding to posts, please "Reply to Group" via
>your newsreader so that others may learn and benefit
>from your issue.
>=====================================================
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>
>"pdk" <anonymous@discussions.microsoft.com> wrote in
message
>news:2e5ad01c46b63$fe765a00$a401280a@phx.gbl...
>>
>> Thanks for your help
>>
>> I have read the mentioned articles before this and found
>> some help. But it puzzles me how these settings has been
>> made.
>> Do you know about some documents / books that describes
>> the default settings for the security templates.
>>
>>
>> >-----Original Message-----
>> >I don't believe that SMS puts any policy settings in
>> place, so I would say
>> >not likely. I am not that familiar with it so I cannot
>> say with 100%
>> >certainty.
>> >
>> >--
>> >Gary Mudgett, MCSE, MCSA
>> >Windows 2000/2003 Directory Services
>> >
>> >=====================================================
>> >When responding to posts, please "Reply to Group" via
>> >your newsreader so that others may learn and benefit
>> >from your issue.
>> >=====================================================
>> >This posting is provided "AS IS" with no warranties,
and
>> confers no rights.
>> >
>> >"pdk" <anonymous@discussions.microsoft.com> wrote in
>> message
>> >news:2d9ed01c46b52$6131f210$a601280a@phx.gbl...
>> >>
>> >> Is it possible that this alteration came with SMS
>> >> implemented by my college, we run Advanced clients.
>> >>
>> >>
>> >> >-----Original Message-----
>> >> >None of the default policies specify any permission
>> >> settings.
>> >> >
>> >> >In the Default Domain Policy the only things
defined by
>> >> default are the
>> >> >password policies.
>> >> >In the Default Domain Controllers policy the only
>> things
>> >> defined by default
>> >> >are UserRights and a couple of Security Options.
>> >> >
>> >> >Any other settings would have been added to the
>> policies
>> >> after the fact
>> >> >manually (accidentally) or by importing a security
>> >> template.
>> >> >
>> >> >So if you don't need them then they can be removed
from
>> >> the policy.
>> >> >
>> >> >Please look at the following articles for FRS
>> information
>> >> pertaining to the
>> >> >events you were seeing:
>> >> >315045 FRS Event 13567 Is Recorded in the File
>> >> Replication Service Event Log
>> >> >
http://support.microsoft.com/?id=315045
>> >> >284947 Antivirus programs may modify security
>> descriptors
>> >> and cause
>> >> >excessive
>> >> >
http://support.microsoft.com/?id=284947
>> >> >279156 The Effects of Setting the File System Policy
>> on a
>> >> Disk Drive or
>> >> >Folder
>> >> >
http://support.microsoft.com/?id=279156
>> >> >
>> >> >--
>> >> >Gary Mudgett, MCSE, MCSA
>> >> >Windows 2000/2003 Directory Services
>> >> >
>> >>
>=====================================================
>> >> >When responding to posts, please "Reply to Group"
via
>> >> >your newsreader so that others may learn and benefit
>> >> >from your issue.
>> >>
>=====================================================
>> >> >This posting is provided "AS IS" with no warranties,
>> and
>> >> confers no rights.
>> >> >
>> >> >
>> >> >"pdk" <anonymous@discussions.microsoft.com> wrote in
>> >> message
>> >> >news:2d5e401c46b19$f01997a0$a601280a@phx.gbl...
>> >> >> The default domain policy sets security settings
on
>> the
>> >> >> sysvol directory on a given DC, however this
triggers
>> >> >> staging files to grow excessivly as it alters ACL
>> >> >> information.
>> >> >> If you alter the Default Domain Policy not to
replace
>> >> any
>> >> >> security setting on the sysvol directory +
subfolders
>> >> >> everything runs smootly and FRSDiag stops
reporting
>> >> errors.
>> >> >>
>> >> >> 1. Are these settings intended by Microsoft in
this
>> case
>> >> >> why ??
>> >> >> 2. Why does the Default Domain Policy specify the
>> path
>> >> >> c:\winnt\*** insted of %systemroot%??
>> >> >>
>> >> >
>> >> >
>> >> >.
>> >> >
>> >
>> >
>> >.
>> >
>
>
>.
>