ASK

As we know group policy has two main configurations, user and computer. Accordingly, the computer policy is applied to the computer despite of the logged user and the user configuration is applied to the user despite of the computer he is logged on. For example we have a Domain, this Domain has two different organizational units (OU)  Green  and  Red ,  Green OU  contains a Computer account and  Red OU  contains User account. The Green policy, which has settings  “Computer Configuration 2”  and “User Configuration 2”  is applied to the OU with the computer account. The Red policy, which has settings  “Computer Configuration 1”  and  “User Configuration 1” , is applied to the OU with the User account. If you have a look at the picture below it will become clearer. If Loopback processing of Group Policy is not enabled and our User logs on to our Computer, the following is true: As we can see from the picture, the User gets  Computer Configuration 2  and  User Configuration 1 . This is a

what is Change Notification? Change Notification is the interval between an originating update on a domain controller and notification of this change to its partners.  When this interval elapses, the domain controller initiates a notification to each intra-site replication partner that it has changes that need to be propagated. Another configurable parameter determines the number of seconds to pause between notifications to other partners if any. This parameter prevents simultaneous replies by the replication partners. There are two values for the interval – one for the first partner, and other for the subsequent partners. When a change is made on a Domain Controller’s Active Directory database, before the change is replicated, the DC waits for a specific period of time before sending the Change Notification to its first partner, and then waits for another period of time before sending the Change Notification to another partner, this process continues until all partners are notifie

This one drove me crazy. Many help articles start with  " start adsiedit and browse to CN=Configuration CN=Services ....." . I could not see CN=Configuration to save my life. After hours of hair pulling I found this article Thanks David http://www.kineticcomputer.com/tips/1103-cannot-see-configuration-container-in-adsiedit.htm Solution The default naming context of ADSIEdit may not show the Configuration container. You can, however, specify it manualy. Select Action -> Connect to... In the "Connection Point" frame, choose "Select a well known Naming Context". Choose "Configuration" from the drop-down box. Hit OK, and the Configuration container, and its sub-containers such as CN=Services and CN=Sites, will be visible. Alternatively, you can choose "Select or type a Distinguished Name or Naming Context" and type the address of the Configuration container in the following format: CN=Configuration,DC=yourdomain,DC=com (e.g