Hello, for AD domains, I recommend using models when creating AD objects (users, groups, computers, OUs) so that administration will not be complex. For security, I recommend granting only needed access to resources to enhance security of your environment. You have to start to determine your need and then create your own policy based on what I said. If you need other information, please mention it. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

Hi, I would like to suggest you refer to the following Microsoft TechNet article for more information: Best Practice Guide for Securing Active Directory Installations http://technet.microsoft.com/en-us/library/cc773365(WS.10).aspx In This Guide: Chapter 1: Planning In-Depth Active Directory Security Chapter 2: Establishing Secure Active Directory Boundaries Chapter 3: Deploying Secure Domain Controllers Chapter 4: Strengthening Domain and Domain Controller Policy Settings Chapter 5: Establishing Secure Administrative Practices Chapter 6: Securing DNS Hope they are helpful for you! Regards, Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hello All Can somebody share some Good IT policy for Users and system to be followed in an organization with regard to security and policy All help is appreciated Regards George

Usually IT policies differ company to company and usually its based on the standards like ITIL and others to make you own IT policies refer to ITIL certifications http://en.wikipedia.org/wiki/ITILhttp://www.virmansec.com/blogs/skhairuddin

You can set background for all computers, set min password complex password. You can set updates if you have WSUS, you can set USB policy, set programs if they are .msi format to all computers .......... There are 1000 and more policy so first you need to know what you want and if than to check GPO to see if you can.

Hello, for AD domains, I recommend using models when creating AD objects (users, groups, computers, OUs) so that administration will not be complex. For security, I recommend granting only needed access to resources to enhance security of your environment. You have to start to determine your need and then create your own policy based on what I said. If you need other information, please mention it. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

Hi, I would like to suggest you refer to the following Microsoft TechNet article for more information: Best Practice Guide for Securing Active Directory Installations http://technet.microsoft.com/en-us/library/cc773365(WS.10).aspx In This Guide: Chapter 1: Planning In-Depth Active Directory Security Chapter 2: Establishing Secure Active Directory Boundaries Chapter 3: Deploying Secure Domain Controllers Chapter 4: Strengthening Domain and Domain Controller Policy Settings Chapter 5: Establishing Secure Administrative Practices Chapter 6: Securing DNS Hope they are helpful for you! Regards, Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hello All, Thanks for those replies. Can anyone tell me what is a coporate policy for IT changes which a administrator Must follow. I mean Lets say, somebody want a specific access to a folder. In such case , how should that request be accepted and forwarded to the system administrator. What process should the administrator follow while giving that acess. All help is appreciated George

Hello All, Thanks for those replies. Can anyone tell me what is a coporate policy for IT changes which a administrator Must follow. I mean Lets say, somebody want a specific access to a folder. In such case , how should that request be accepted and forwarded to the system administrator. What process should the administrator follow while giving that acess. All help is appreciated George Like I already said: Limit the access and grant only needed permissions. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer