PeeluckyDuckee
Diamond Member
I'm working on a lab (at school) right now and there's a few things I am wondering about, and thought maybe one of you MSCE fellas can help me out here 🙂 There are several things, here they are as follows:
In a domain, there are 3 OUs (one per city), and 5 OUs under each of those cities (they're departments). Each city represents a store. Each store has a store manager. Each department has a department manager. Now there's delegation of authority to the 3 store managers, and we're supposed to create a unique MMC for each of them. Question is after I've created the MMC and saved it, how can I automatically map it to the manager's desktop via an icon? Same thing I want to do with my 3 DFS shares (appz, docz, and gamez), being mapped to regular user's desktop as well. For the MMC that I created, I also want to limit the manager's access to certain MMCs via the run command, the one I created being one of them. Do I do this via a group policy? Since I had manually created this MMC, I don't believe existing group policies will reflect that, yes/no?
All employees and managers, as well as admins have roaming profiles. I've also setup software deployment. Question here is if I setup manual profiles for the employees, when it comes time for them to install software made available to them (either via assignment or publishing to the Control Panel), after they install the software, will the icons displayed on the desktop be gone the next time they logon because of manual profiles? I guess the simple question here is will manual profiles affect my trying to manage software install via Software Deployment?
I did this in a previous lab, but don't seem to recall whether you can create a VPN connection (thru RRAS policies) using certificates as means of authentication? I see under RRAS settings and VPN properties the option to use certificates, but it doesn't seem to work? I can use L2TP with IPSEC only.
One last thing, I was configuring group policies for one of the OUs. I was configuring the settings under Administrative Templates of User Configurations. After the policies were set, I did a secedit (both user and machine just to make sure), and logged onto the client machine (W2K Pro) and see that some settings took effect and some didn't? It had successfully blocked the "Internet Options" of Internet Explorer and hid the MMC I did not want shown up. But other things such as blocking certain items in the Control Panel (blocking specific *.cpl files) and trying to hide "Windows Update" from the Start menu and "Network and Dialup Connections" from Settings it didn't work? Did the policy not get thru fully or what could be the problem? Must I do it under "Computer Configuration" and not under "User Configuration"??
Thx and appreciate the help fellas 🙂
Plucky
In a domain, there are 3 OUs (one per city), and 5 OUs under each of those cities (they're departments). Each city represents a store. Each store has a store manager. Each department has a department manager. Now there's delegation of authority to the 3 store managers, and we're supposed to create a unique MMC for each of them. Question is after I've created the MMC and saved it, how can I automatically map it to the manager's desktop via an icon? Same thing I want to do with my 3 DFS shares (appz, docz, and gamez), being mapped to regular user's desktop as well. For the MMC that I created, I also want to limit the manager's access to certain MMCs via the run command, the one I created being one of them. Do I do this via a group policy? Since I had manually created this MMC, I don't believe existing group policies will reflect that, yes/no?
All employees and managers, as well as admins have roaming profiles. I've also setup software deployment. Question here is if I setup manual profiles for the employees, when it comes time for them to install software made available to them (either via assignment or publishing to the Control Panel), after they install the software, will the icons displayed on the desktop be gone the next time they logon because of manual profiles? I guess the simple question here is will manual profiles affect my trying to manage software install via Software Deployment?
I did this in a previous lab, but don't seem to recall whether you can create a VPN connection (thru RRAS policies) using certificates as means of authentication? I see under RRAS settings and VPN properties the option to use certificates, but it doesn't seem to work? I can use L2TP with IPSEC only.
One last thing, I was configuring group policies for one of the OUs. I was configuring the settings under Administrative Templates of User Configurations. After the policies were set, I did a secedit (both user and machine just to make sure), and logged onto the client machine (W2K Pro) and see that some settings took effect and some didn't? It had successfully blocked the "Internet Options" of Internet Explorer and hid the MMC I did not want shown up. But other things such as blocking certain items in the Control Panel (blocking specific *.cpl files) and trying to hide "Windows Update" from the Start menu and "Network and Dialup Connections" from Settings it didn't work? Did the policy not get thru fully or what could be the problem? Must I do it under "Computer Configuration" and not under "User Configuration"??
Thx and appreciate the help fellas 🙂
Plucky
