Enforcing Group Policy Security Settings (including some in-depth Registry “hacks”), and some of the most common scenarios where security settings do not behave as they appear.
There are numerous security settings that can be configured in a single Group Policy Object. These settings range from controlling the Administrator account to controlling the LDAP client signing requirements. With so many security settings, it is important to understand how the function and where there might be a behavior that is not as obvious as you would imagine.
In December 2004 Derek belber wrote an article on “Enforcing Group Policy Security Settings” which can give you some detailed insight on how security settings can be enforced in a standard environment. In this article, Derek will expand on this concept (with some in-depth Registry “hacks”), as well as go into some of the most common scenarios where security settings do not behave as they appear.