Question : Does local policy overwrite domain policies?

I have a Windows 2003 Server that I need to enable "Audit privilege use" to audit everything to satisfy the SOX auditors. I believe by doing this locally on the box will overwrite the domain policy of this not being turned on. Is this correct? If so, where is a good doc to get this done? Anything that I need to be aware of when I do this besides having enough disk space for the logs, etc?

Answer : Does local policy overwrite domain policies?

Ummmm,,, yes and no
http://technet2.microsoft.com/windowsserver/en/library/274e614e-f515-4b80-b794-fe09b5c21bad1033.mspx?mfr=true
processing of group policy is:
Local - Site - Domain - OU - (nested OUs)
So, the domain will win over local unless:
A) inheritance is blocked
B) all levels in the Domain (domain, site, OUs) set to "Not configured"
Basicly it's "last write wins" so it will process the local policy, then the rest of the domain tree and if nothing else overwrites .. then the local "wins"
A better solution would be to put the box in its own OU and set the policies / inheritance rules at that level (instead of local security policy), that way, a year from now when you are doing other GP work, you can see the all the policies and not beat you head against the desk because of a forgoten local policy.

Random Solutions

SSL Certificates

How To Create a Catch-All Acount on MDAEMON

wireless router acting up

Romaing profile does not load after password change.

FTP from outside the LAN

Unable to Delete Reverse DNS Record

Problem occurs while connecting two solaris machines to each other on vmware.

"pre-Windows Logon" SSL VPN connection

File extention association

Ho to do row level lock of a oracle database table?