Group Policy in Windows Vista Stephen Lamb IT Pro Evangelist, Microsoft Ltd

Slides:



Advertisements
Similar presentations
Auditing Microsoft Active Directory
Advertisements

Microsoft and Community Tour 2011 – Infrastrutture in evoluzione Application Virtualization: Package and Deploy Virtual Applications Level Advanced.
The System Center Family Microsoft. Mobile Device Manager 2008.
Microsoft Server 2008 R2 Group Policies & AD. Group Policies-Refresher  Policies are “all or nothing”  You cannot selectively choose within a policy.
Module 5: Creating and Configuring Group Policy
New features in Windows Vista Multiple Local GPOs Network Awareness ADMX Files Improved Logging Coming in Windows Server 2008 Filters Comments Starter.
Managing User Settings with Group Policy
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 14: Windows Server 2003 Security Features.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Clyde G. Johnson.  Test Environment  Tools of the trade  Demo  Central Store  Show  Group Policy Spreadsheets  Demo  Planning and Deployment.
Lesson 16: Creating Group Policy Objects
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.
Maintaining and Updating Windows Server 2008
Ran Oelgiesser, Sr. Product Manager Praveen Vijayaraghavan, Program Manager (Virtual PC) Yigal Edery, Group Program Manager (MED-V)
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.
Module 16: Software Maintenance Using Windows Server Update Services.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.
Richard Smith Senior Consultant – Management, Operations and Deployment Microsoft UK Simple Deployments with Windows AIK and Windows DS.
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.
70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.
9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.
Migration XenDesktop 7. © 2013 Citrix | Confidential – Do Not Distribute Migration prerequisites Set up a XenDesktop 7 Site, including the site database.
Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.
Section 2: Using Group Policy Management Tools Local vs. Domain Policies Editing Local Policies Managing Domain Policies Understanding Group Policy Refresh.
Module 15: Manage the Windows ® Small Business Server 2008 Environment Using Group Policy.
Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.
Module 7: Fundamentals of Administering Windows Server 2008.
11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.
Managing User Desktops with Group Policy
OFC290 Information Rights Management in Microsoft Office 2003 Lauren Antonoff Group Program Manager.
Migration from Software Update Services to Windows Server Update Services Jeff Alexander IT Pro Evangelist Microsoft Australia Scott Korman WSUS MVP SEC316.
Module 7 Configure User and Computer Environments By Using Group Policy.
ADM320 Managing Group Policy BJ Whalen Program Manager Windows Server Microsoft Corporation.
Section 5: Troubleshooting and Backing Up GPOs Using Group Policy Troubleshooting Tools Integration of RSoP Functionality Using Logging Options Backing.
Module 5: Configuring Internet Explorer and Supporting Applications.
4. Managing the Desktop Thomas Lee Chief Technologist – QA plc.
Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 14: Windows Server 2003 Security Features.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 11: Group Policy for Corporate Policy.
Module 5: Creating and Configuring Group Policies.
Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.
Microsoft Management Seminar Series SMS 2003 Change Management.
Exchange Deployment Planning Services Exchange 2010 Complementary Products.
WCL303 Business Desktop Deployment (BDD) 2007: Part 2, Deploying the 2007 Office system Michael Niehaus Systems Design Engineer Microsoft
Company Confidential 1 A Course on Planning A Group Policy Management And Implementation Strategy Prepared for: *Stars* New Horizons Certified Professional.
11 PLANNING A GROUP POLICY MANAGEMENT AND IMPLEMENTATION STRATEGY Chapter 10.
Week 4 Objectives Overview of Group Policy Group Policy Processing Implementing a Central Store for Administrative Templates.
Implementing a Group Policy Infrastructure
11 IMPLEMENTING AND MANAGING SOFTWARE UPDATE SERVICES Chapter 7.
Jorke Odolphi Product Technology Specialist WebCentral Using Microsoft Operations Manager To Monitor And Maintain Your Farm.
May 25 – June 15, Technical Overview Bruce Cowper IT Pro Advisor Microsoft Canada Damir Bersinic IT Pro Advisor Microsoft.
Service Pack 2 System Center Configuration Manager 2007.
Module 6 Creating and Configuring Group Policy. Module Overview Overview of Group Policy Configuring the Scope of Group Policy Objects Evaluating the.
Chapter 7: Managing and Troubleshooting Group Policy.
Windows Small Business Server 2003 R2 Powering Small Businesses.
The 2007 Microsoft Office System Servers Enterprise Content Management, Workflow and Forms Martin Parry Developer and Platform Group, Microsoft Ltd
Group Policy in Windows Vista. Group Policy Administration Group Policy with Windows Vista QoS Policies What Will We Cover?
Group Policy Preferences. Session Objectives And Agenda Group Policy Preferences High level Overview New Extensions details New Concepts Preferences Reporting.
Maintaining and Updating Windows Server 2008 Lesson 8.
Introduction to Group Policy Lesson 7. Group Policy Group Policy is a method of controlling settings across your network. – Group Policy consists of user.
SQL Database Management
Microsoft Virtual Academy
Introduction to Group Policy
Microsoft Virtual Academy
Microsoft Virtual Academy
Presentation transcript:

Group Policy in Windows Vista Stephen Lamb IT Pro Evangelist, Microsoft Ltd

Agenda What’s New - from 64,000 Feet Walkthrough Windows Vista as an Administrative Workstation Introducing the Central Store Multiple Local GPOs Troubleshooting - Event Viewer Log Enhancements New Policy Settings in Windows Vista Power Management, Removable Device Management, Internet Explorer, etc About the Desktop Standard Acquisition Pointers to Helpful Resources

All about the demo’s… This is a demo-driven presentation! For each area you’ll see: A DEMO Things you need to remember A pointer to useful resources

But First… Our New Features Far Greater Coverage for Group Policy Across Windows 35% increase in policy settings (2490 total) Important new areas now covered by policy – removable device management, power management, user access control and much more Improved Reliability and Network Awareness More responsive policy application as network conditions change (wireless, VPN, etc) More efficient application of policy (less need for synchronous application).admx/adml Files and the Central Store Replaces.adm files – XML based format with true language independence Centralized store for all ADMX files Full interop with Windows Server 2003 and XP administrative workstations

But First… Our New Features (2) Improved Event Logging and Troubleshooting Leveraging “Crimson” for event viewing & reporting Far more useful events and links to REAL content on the web Multiple Local GPOs Adds Administrator/Non-Administrator and per-user LGPOs Ability to disable local GPO processing for domain-joined machines GPMC Integration No need to download GPMC from the web Resources What's New in Group Policy in Windows Vista and Windows Server "Longhorn“ What's New in Group Policy in Windows Vista and Windows Server "Longhorn“

Setting The Scene - Our Scenario… Day 0 - Our Starting Point (Existing Environment) Windows Server 2003 domain and Windows XP Clients Day 1 – Initial use of Windows Vista and Group Policy Managing Group Policy from Windows Vista and XP Day 2 and Beyond – ongoing Group Policy management Managing Windows Vista – from Windows Vista

Using Windows Vista Group Policy tools to edit and create GPOs

Windows Vista as an Administrative Workstation for Group Policy Key Points Managing Group Policy With Windows Vista “It Just Works” (Start Managing Your Existing Environment Right Away) Use Windows Vista tools to manage new and existing GPOs By default, Windows Vista uses local ADMX files To manage new Windows Vista policy settings you must use a Windows Vista administrative machines You can mix-and-match “new and old” policy settings in a single GPO but Windows Server 2003 and Windows XP will not report new settings correctly For full Resultant Set of Policy reporting, use Group Policy Results and GPO Reports in GPMC (not rsop.msc) Backup/Restore – create new backups as some extensions may not restore properly from the version of GPMC for XP & Windows Server 2003 Resources KB Recommendations for managing Group Policy administrative template (.adm) filesRecommendations for managing Group Policy administrative template (.adm) files

Creating and Managing the ADMX Central Store

Creating and Using the Central Store Key Points ADMX files and the central store have no dependency on Longhorn Server (works fine with Windows Server 2003 and Windows 2000 domains) All Windows Vista machines use local ADMX files before the central store is created The central store is merely a directory (on Sysvol, replicated across DCs in a domain) Once created, all Windows Vista administrative workstations in the domain use the central store (and ignore local ADMX files) Windows Vista will consume any custom ADM files found in a GPO ADMX files can be stored in the central store but not in individual GPOs. You can still add ADM files to a GPO Resources Managing Group Policy ADMX Files Step-by-Step Guide ADMX Migrator

Multiple Local GPOs in Windows Vista

Multiple Local GPOs Key Points Important for standalone PCs (kiosk machines, DMZ, etc) The regular machine wide LGPO remains (created by default, the others are created manually) LGPOs available for: Administrator and Non-Administrator (mutually exclusive for a particular user) Per User Create LGPOs via GPEdit New policy setting available to disable all processing of LGPOs - only processed for machine-joined machines (think about it…) Resources What's New in Group Policy in Windows Vista and Windows Server "Longhorn“ What's New in Group Policy in Windows Vista and Windows Server "Longhorn“

Using New Group Policy Event Logging in Windows Vista

Troubleshooting Sequence Start with “Admin Event Views” For each policy failure look at description, details tab and more info link Drill down into operational log Use Activity Id extracted from failure event and use it to correlate to the operational events: Use the extracted Activity Id from failure event and use it to filter the events in the Event Viewer Or with –a option as a parameter to GPlogview.exe Allows exporting data to XML or HTML Analyze output Review step by step policy processing scenario events to identify failure point and error codes Run GPUpdate.exe to see if problem still persists

Two types of events: Administrative & Operational Administrative log: Actionable set of events in ‘System’ log Hot web links that provide troubleshooting steps Source is “Group Policy Service” not “userenv” Success events are also published Operational log is the replacement of the userenv.log Step-by-step insight into GP processing GPLogView.exe – Windows Group Policy Log View Tool v1.0 GPLogView.exe Free tool available from the “download center”download center Scheduled availability is 11/30/06 Views - Create focused views for filtering Group Policy events from Admin and Operational channels Associate actions to events - Send , Execute script/WMI jobs Subscriptions - Use it to consolidate and remotely monitor GP errors occurring on multiple machines Resources for pre-Vista: How to enable user environment debug logging in retail builds of Windows Interpreting Userenv log files Fixing Group Policy problems by using log files Group Policy Event Logs in Windows Vista Key Points

The Right Set of Policy Settings

The Right Setting of Settings Removable Devices (Installation and Access) Step-by-Step Guide to Controlling Device Installation and Usage with Group Policy Step-by-Step Guide to Controlling Device Installation and Usage with Group Policy Power Management Internet Explorer Windows Firewall Resources: Group Policy Settings Reference Windows Vista Updated to include: Reboot, logoff and AD Schema update requirements Security settings with Explain text

About the Desktop Standard Acquisition Why We Did This? Microsoft is committed to helping customers leverage the value of policy-based management What It Means To The Group Policy Administrator? Customers will get increased coverage of their desktop environment through new extensions GPO lifecycle management with GPOVault – Now called “Advanced Group Policy Management” as part of the Desktop Optimization Pack for Software Assurance (DOPSA)Desktop Optimization Pack for Software Assurance Ease of administration – “PolicyMaker” provides more settings and greater control When Will You See Results? The product integration roadmap is being finalized, look for announcements… Resources: Press release for DOPSA Desktop.mspx 17Desktop.mspx

Useful documentation and resources Feedback Group Policy on Microsoft.com: Community: Blog - Wiki - MVP’s (Most Valuable Professional):Most Valuable Professional Darren Mar-Elia Jeremy Moskowitz - Mark Heitbrink - French Language site Group Policy Newsgroup

Useful documentation and resources Feedback Virtual Labs - mspx mspx Microsoft Press book Group Policy in Vista specific: What's New in Group Policy in Windows Vista and Windows Server "Longhorn“ What's New in Group Policy in Windows Vista and Windows Server "Longhorn“ Managing Group Policy ADMX Files Step-by-Step Guide Step-by-Step Guide to Controlling Device Installation and Usage with Group Policy Step-by-Step Guide to Controlling Device Installation and Usage with Group Policy

©2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.