I'm just looking at the GPOAccelerator in the Microsoft Security Compliance Management Toolkit. I'm following the book and have just typed in "cscript GPOAccelerator.wsf /WS08 /Enterprise /LAB" but the message I get scares me alittle...
/!\ Caution:P Microsoft recommends that only experienced domain administrators use this tool. are you sure you want to create the Windows Server 2008 Security Guide Enterprise Enviroment? doing so will modify ypir active directory enviroment. Click Yes to continue, or no to exit the tool. [Yes] [No]
Has anyone else used this and should I be careful about what I do with it? - is it useful? - will it save me time or am I wasteing time looking at it?
So I went for it, it creates GPO's for baseline security settings and then you apply the GPO's to the OU's for the relivant roled servers... however make sure that you are only applying a policy for a spercific role to a server that only uses that spercific role - if it has extras running on it then that could cause problems elsewhere (ie licence dongle would be blocked on the port that uses - I th5n2 that's what caused my problem just now:()