Isolated Domain GPOs
Applies To: Windows Server 2012
All of the computers in the isolated domain are added to the group CG_DOMISO_IsolatedDomain. You must create multiple GPOs to align with this group, one for each Windows operating system that must have different rules or settings to implement the basic isolated domain functionality that you have in your isolated domain. This group is granted Read and Apply Group Policy permissions on all the GPOs described in this section.
Each GPO has a security group filter that prevents the GPO from applying to members of the group GP_DOMISO_No_IPsec. A WMI filter is attached to each GPO to ensure that the GPO is applied to only the specified version of Windows. For more information, see the Planning GPO Deployment section.
The GPOs created for the Woodgrove Bank isolated domain include the following: