Can someone clear up a few things about windows security for me?

If I go through the LSP on a server that is part of a domain and make changes to the Local Settings. Say for example I want to prohibit all null sessions to the box. So I edit
"Additional restrictions for anonymous connections" and make the relavent change to the Local Setting.

Now apparently the effective setting will overide the local setting? But when does the local setting ever become relavent? *OR* is it relavent until someone logs into the domain from that machine?

Also, how is the relationship between the server and the domain/DC formed? How are the LSP settings 'pushed' to the server from the DC? Is this a specifcally an AD/OU thing or can it be done thhrough a more generic method?