DNS + DC GPO Query

[PRicho]

Few issues during our first few days back! hopefully all related to the same problem.

Basically in the holidays we attempted to join our AD to OD, and changed the default dc policy to allow this to work. However we cant remember which exact settings we changed (Schoolboy Error!), basically i want to reset it back to how it was, buried in computer config - windows settings - security settings - local policies - security options.

Domain Member: Digitally encrypt or sign secure channel data (always)
Domain Member: Digitally encrypt secure channel data (when possible)
Domain Member: Digitally sign secure channel data (when possible)

Microsoft network Server: Digitally sign communications (always)
Microsoft network Server: Digitally sign communication (if client agrees)

So can somebody please let me know what these should be by default on a DC.

Secondly would the above changes effect the way clients register to DNS? we have a few random servers with fixed IP's that will not register themselves in DNS. This is the only server side change we have made during the summer.

Cheers!

[PRicho]

Would somebody just mind checking there default domain controller policy for the above GPO's and letting me know what they are please!!

ta