How to Apply an Existing IPSec Policy on Other Organizational Units

 

This article explains how you can apply the Block Inbound TCP 25 Policy filter to other organizational units in your enterprise. For more information about creating this filter, see How to Create a Block TCP 25 IPSec Policy. This procedure uses the Print organizational unit from the Windows Server 2003 Security Guide architecture as an example. Consider running this policy on organizational units in your enterprise that do not contain domain controllers, Exchange servers, or other computers that require SMTP inbound connectivity.

Before You Begin

The procedure in this article specifies naming conventions in bold italic. As you work through the other related procedures as listed in How to Create a Block TCP 25 IPSec Policy, notice that the policies, descriptions, and filters that are named in earlier procedures are referenced in subsequent procedures (again in bold italic).

It is recommended that you review Slowing and Stopping E-mail Viruses in Exchange Server 2003: Optional Configurations before implementing this procedure.

Procedure

To apply the IPSec policy on other organizational units

1. Open Active Directory Users and Computers using an account with Domain Admin privileges.

2. Right-click the Member Servers\Print organizational unit, and then select Properties.

3. On the Group Policy tab, click Add.

4. In the Add a Group Policy Object Link dialog box, click the All tab, select Block TCP25 Policy, and then click OK.