none
reports of GPOs, certificate

    Question

  • Hello

    I have to issue two separate reports of GPOs.

    01- To know to which group is being applied to password policy, we have two separate policies, need to know to which group is being applied to each policy.


    02- REPORT toddas CAs Certificate have in my domain controler


    Thank you

    Grato Julio Vaz jvaz.wordpress.com

    Friday, September 16, 2016 1:46 PM

Answers

  • Hi JVAZ Consulting,

    >01- To know to which group is being applied to password policy, we have two separate policies, need to know to which group is being applied to each policy.

    What do you mean "two separate policies"?

    Only one password policy and account lockout policy could be applied to all users in the domain.

    Fine-grained password policies apply only to user objects (or inetOrgPerson objects if they are used instead of user objects) and global security groups.

    >02- REPORT toddas CAs Certificate have in my domain controller

    Could explain more about question2?

    If you install AD CA role on DC, then, domain computers may store the root certificate of the CA server as trusted. If you want to check certificates stores on the DC, you may use MMC console, add "Certificate (Local Computer)" snap in to check.

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, September 19, 2016 8:16 AM
    Moderator

All replies

  • Hi JVAZ Consulting,

    >01- To know to which group is being applied to password policy, we have two separate policies, need to know to which group is being applied to each policy.

    What do you mean "two separate policies"?

    Only one password policy and account lockout policy could be applied to all users in the domain.

    Fine-grained password policies apply only to user objects (or inetOrgPerson objects if they are used instead of user objects) and global security groups.

    >02- REPORT toddas CAs Certificate have in my domain controller

    Could explain more about question2?

    If you install AD CA role on DC, then, domain computers may store the root certificate of the CA server as trusted. If you want to check certificates stores on the DC, you may use MMC console, add "Certificate (Local Computer)" snap in to check.

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, September 19, 2016 8:16 AM
    Moderator
  • Hi
    Anny


    Thank you very much for your attention.


    Jamanaged to solveallmy doubts.


    Best Regards,


    JVAZ


    Grato Julio Vaz jvaz.wordpress.com

    Thursday, September 22, 2016 2:59 PM
  • Hi JVAZ Consulting,

    >Jamanaged to solveallmy doubts.

    Since I don't understand the above sentence, then do you have any other questions, if yes, feel free to ask, if you have already got the answer you want, then you may mark related replied as answer.

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Friday, September 23, 2016 8:37 AM
    Moderator
  • Hi

    Anny

    Thank you very much for your attention.

    I commented in the previous message that was already with the answers.
    Thankyou for taking thetime to helpme ..


    Thanks


    Grato Julio Vaz jvaz.wordpress.com

    Friday, September 23, 2016 12:24 PM
  • >>Jamanaged to solveallmy doubts.
    >
    > Since I don't understand the above sentence,
     
    "You managed to solve all my doubts" - although this doesn't really make
    sense anyway :-))
     
    Friday, September 23, 2016 2:05 PM