Windows Server 2008 Administration

Slides:



Advertisements
Similar presentations
Auditing Microsoft Active Directory
Advertisements

Module 5: Creating and Configuring Group Policy
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.
6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Understanding Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
Chapter 7 WORKING WITH GROUPS.
(ITI310) By Eng. BASSEM ALSAID SESSIONS
Understanding Group Policy on Windows Server 2003 John Howard, IT Pro Evangelist, Microsoft UK
9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.
11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.
9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.
Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 7: WORKING WITH GROUPS
Section 2: Using Group Policy Management Tools Local vs. Domain Policies Editing Local Policies Managing Domain Policies Understanding Group Policy Refresh.
Designing Group Security Designing security groups Designing user rights.
70-411: Administering Windows Server 2012
7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Module 6: Implementing Group Policy. Overview Implementing Group Policy Objects Implementing GPOs in a Domain Managing the Deployment of Group Policy.
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.
Module 6: Configuring User Environments Using Group Policy.
Module 7 Configure User and Computer Environments By Using Group Policy.
Active Directory Harikrishnan V G 18 March Presentation titlePage 2 Agenda ► Introduction – Active Directory ► Directory Service ► Benefits of Active.
Planning a Group Policy Management and Implementation Strategy Lesson 10.
GPO - WINDOWS SERVER AGENDA: Introduction Group Policy Overview Types of Group Policies/Objects Associated Technologies How to implement.
Module 5: Implementing Group Policy
Page 1 System and Group Policies Lecture 7 Hassan Shuja 11/02/2004.
Chapter 10: Rights, User, and Group Administration.
Section 4: Understanding the Architecture of Group Policy Processing Group Policy Components in AD DS Understanding the Group Policy Processing Sequence.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Module 5: Creating and Configuring Group Policies.
Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.
Administering Group Policy Chapter Eleven. Exam Objectives in this Chapter  Plan a Group Policy strategy using Resultant Set of Policy Planning mode.
Implementing Group Policy
Week 4 Objectives Overview of Group Policy Group Policy Processing Implementing a Central Store for Administrative Templates.
Implementing a Group Policy Infrastructure
Module 10: Implementing Administrative Templates and Audit Policy.
Module 6: Configuring User Environments Using Group Policies.
Module 6 Creating and Configuring Group Policy. Module Overview Overview of Group Policy Configuring the Scope of Group Policy Objects Evaluating the.
10.1 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam Microsoft® Windows® 2000 Directory Services Infrastructure.
Windows Server 2003 群組原則設定與管理 林寶森
GROUP POLICY. Group Policy is a hierarchical infrastructure which allows systems administrators to configure computer and user settings from a central.
1.1 Microsoft® Windows® 2003 Server Group Policy Management Prof. Abdul Hameed.
Introduction to Group Policy Lesson 7. Group Policy Group Policy is a method of controlling settings across your network. – Group Policy consists of user.
Implementing Active Directory Domain Services
Active Directory Administration
Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts.
Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016
Utilize Group Policy Terminal Server Settings
Planning a Group Policy Management and Implementation Strategy
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
Windows Active Directory Environment
Introduction to Group Policy
Implementing and Managing Group and Computer Accounts
Planning a Group Policy Management and Implementation Strategy
Presentation transcript:

Windows Server 2008 Administration

Contents Defining Administrative Model Configuring Sites Examining Server 2008 R2 Active Directory Groups Creating Groups Managing Users with Local Security &Group Policies Managing Printers with Print Management Console

Administrative Model

Models Centralized Distributed mix all critical servers are housed in 1 or a few locations Distributed opposite of centralized model in that tasks can be divided among IT & non-IT staff members in various locations. mix mix of administrative responsibilities using both centralized and distributed admin

Creating a Site

Creating Site Subnets

Adding Domain Controllers to Sites

Establishing Site Links

Delegating Control at Site Level

Group Types Distribution Groups allow for grouping of contacts, users, or groups primarily for emailing purposes cannot be used for granting or denying access to domain-based resources Discretionary access control lists (DACLs), which are used to grant or deny access to resources or define user rights, are made up of access control entries (ACEs)

Security Groups security enabled used for assigning user rights and resource permissions or for applying computer and Active Directory-based group policies. can be defined for different levels of responsibility

Group Scopes in Active Directory Domain Local Groups to assign permissions to perform domain-based administrative tasks and to access resources hosted on domain controllers Global Groups more functional than domain local groups. Universal Groups can contain users, groups, contacts, or computers from any domain in forest

Creating Groups

Populating Groups

Group Management

Viewing Policies with Group Policy Management Console

Creating New Group Policies

enable or disable entire GPO

Block Policy Inheritance

Enforce Option

Group Policy Modeling Tool

Managing Printers with Print Management Console

Install Print Management Console

Configuring Print Management Console

Printers as Network Shared Resources

Adding Print Servers to the Print Management Console

create a custom printers view

Group Policies and Policy Management Overview Group Policy Processing - How Does It Work? Local Group Policies Security Templates Elements of Group Policy Group Policy Administrative Templates Explained Policy Management Tools Designing a Group Policy Infrastructure GPO Administrative Task

Overview mechanism used to centrally secure, configure, and deploy a common set of PC and user configurations, security settings organizations to enforce configurations, simplify desktop administration, secure access to network resources

example end-user password policy requires must exceed seven characters must be changed every 30 days  group policies can be configured to apply

How Does It Work? each policy contain specific settings to define how and when a policy will be processed In GPO

Managing Group Policy Processing with GPO Settings Within the Policies\Administrative Templates\System\GroupPolicy section of both Computer Configuration and User Configuration nodes of a GPO

Local Group Policies local group policies exist on all Windows systems Active Directory group policies only on Active Directory forest

Local Group Policies config computer and user environment.

Security Templates Includes settings for computer audit policies account management user rights assignments.

Elements of Group Policy Group Policy Objects predefined set of available settings that can be applied to Active Directory computer and/or user objects. GPO Storage and Replication GPOs are stored in both file system and Active Directory database. Each domain GPO has a corresponding folder located within sysvol\companyabc.com\Policies

Group Policy Object Replication replicated by domain controllers User Subfolder files and folders used to store the settings, Machine Subfolder files and folders used to store the settings, software, scripts, and any other policy settings specific to machine or computer object policies configured within a particular GPO ADM Subfolder created on new GPOs when legacy administrative template files are imported into a GPO. registry.pol Files settings are segmented into several sections gpt.ini File root of GPO folder Contains revision number of the GPO.

Group Policy Administrative Templates include clearly defined settings that can be set to a number of different values a new GPO is created, a base set of administrative templates are imported or referenced within that policy.

Starter GPOs contain settings available from administrative templates. security templates be used to import and export configured settings within security section of a policy used to prepopulate configured settings in Administrative Templates sections

Policy Settings configurable options made available within a particular GPO one of three values: not configured, enabled, or disabled.

Preference Settings Group Policies have two main setting nodes, configure many default or initial configuration and environmental settings for users and computers. Start menu on Windows 7

Group Policy Object Links key to deploying GPOs to a predetermined set of Active Directory computers and/or users. GPOs can be linked to Active Directory sites, domains, and organizational units (OUs).

Group Policy Link Enforcement

Group Policy Inheritance allows admin to set a common base policy across AD infrastructure while allowing other admin to apply more granular policies at a lower level that apply to subsets of users or computer

GPO Filtering only desired computers or users actually apply policy GPO security filtering where administrators can define which users, computers, or members of security groups will actually apply the group policy. GPO WMI filtering WMI filter is a query that is processed by computer objects only and be used to include or exclude particular computer objects from applying a GPO GPO status enables administrators to change the GPO

Group Policy Administrative Templates Explained

Policy Management Tools Group Policy Management Console (GPMC) Group Policy Object Editor (GPOE) gpupdate.exe

Group Policy Management Console (GPMC)

Group Policy Object Editor (GPOE)

Print Management Console

Gpupdate

GPO Administrative Tasks Installing Group Policy Management Tools Creating a GPO Central Store Verifying Usage of GPO Central Store Creating and Utilizing Starter GPOs Backing Up and Restoring Starter GPOs Creating New Domain Group Policies Managing GPO Status Creating and Linking WMI Filters to GPOs Managing GPO Security Filtering

Installing Group Policy Management Tools

Creating a GPO Central Store

Verifying Usage of GPO Central Store

Creating & Utilizing Starter GPOs

Backing Up & Restoring Starter GPOs

Saving a Starter GPO as a Cabinet File

Restoring a Starter GPO from Backup

Creating New Domain Group Policies

Creating & Configuring GPO Links

Managing GPO Status

Creating & Linking WMI Filters to GPOs

Managing GPO Security Filtering

Viewing GPO Settings & Creating Reports

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.