Export (0) Print
Expand All
1 out of 1 rated this helpful - Rate this topic

Configure IPsec OUs

Updated: February 29, 2012

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

Three organizational units (OUs) are used for the application of Group Policy objects (GPOs). There will be a boundary OU for computers with NAP exemption certificates that request, but do not require, that incoming communications authenticate with a health certificate. There will be a secure OU for computers running Windows Vista®, Windows Server® 2008, Windows 7, or Windows Server 2008 R2 operating system, and a secure OU for computers running Windows XP with Service Pack 3. Computers in the secure OUs will require that incoming communications are authenticated with a health certificate.

Membership in the local Domain Admins group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).

Use the following steps to create OUs for use with NAP and the IPsec enforcement method.

  1. On a domain controller, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.

  2. In the console tree, right-click the domain name (for example, Woodgrovebank.local), point to New, and then click Organizational Unit.

  3. Under Name, type Vista IPsec Secure, and then click OK.

  4. In the console tree, right-click the domain name (for example, Woodgrovebank.local), point to New, and then click Organizational Unit.

  5. Under Name, type XP IPsec Secure, and then click OK.

  6. In the console tree, right-click the domain name (for example, Woodgrovebank.local), point to New, and then click Organizational Unit.

  7. Under Name, type IPsec Boundary, and then click OK.

  8. Close the Active Directory Users and Computers console.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.