Uniform security policies allow consistent security settings to be applied and enforced on different classes of computers. A class of computer would be something like the domain controller class. This is a simple matter of creating an organizational unit in Active Directory, collecting appropriate computer account objects into the organizational unit, and then applying a Group Policy object to the organizational unit. The security policies specified in the Group Policy are then enforced automatically and consistently on all the computers represented by the computer accounts in the OU.
Windows 2000 comes with a selection of default Group Policy objects that are automatically applied to domains and to domain controllers. There is also a selection of security templates representing different levels of security for various types of enterprise computers. These templates can be used to create a Group Policy for a group of computers or to analyze the security settings on a specific computer.
Was this article helpful?