Answering the following questions will reinforce key information presented in this chapter. If you are unable to answer a question, review the appropriate lesson and then try the question again. Answers to the questions can be found in the appendix.
- If the Group Policy settings applied at the domain conflict with the Group Policy settings at the OU where the user's object is located in Active Directory, which settings take precedence?
- A Group Policy object is applied at the Employees OU that hides My Network Places from the desktop. The following permissions for the Group Policy object are configured:
- Authenticated User: Read (Allow)
- Users: Apply Group Policy (Allow)
- NetAdmins: Apply Group Policy (Deny)
If Jonas, a member of the NetAdmins group, logs on to the network, would he see the My Network Places icon on his desktop?
- You're a network administrator for your company's network. You have two separate domains in your Active Directory located at the same physical site. Both domains will require the same account policy settings to ensure that all network users implement complex passwords that have at least eight characters. Could you apply the account policy settings at the site?
- Figure 7.13 shows the Active Directory hierarchy for abc.tld. A computer in the Accounting department doesn't need Ctrl+Alt+Del to log on. The computer automatically logs on with a default account when it's restarted.
Figure 7.13 The abc.tld directory hierarchy
Assuming that the computer is located in the corporate site and is located in the OU=Computers, OU=Accounting, OU=Lisbon, OU=Europe, DC=abc, DC=tld OU, what locations would you have to inspect to find the Group Policy object that's applying the rogue setting?
- What utility from the Microsoft Windows 2000 Server Resource Kit could you use to narrow the search? What parameters do you need to know in order to troubleshoot the problem?