|"You have to apply it in default domain controller security policy."|
Incorrect. It should be a policy that has precedence over policies linked at the domain level. By default, that is NOT the default domain controller's policy since it is linked to the domain controllers container, not the domain level.
In fact, no editing should be done whatsoever to the default policies in AD. If you want different policies, make a copy of those and edit the copies or a new policy and have it take precedence.
Quite honestly, it surprises me that someone who is publishing info about security didn't know this. I would therefore recommend not consulting the windows 2003 hardening guide in the URL www.salem-radha.com but instead consulting the free hardening guide straight from the horse's mouth - Microsoft.
Please help survivors of Hurricane Katrina!