GPO - WINDOWS SERVER 2012. AGENDA: Introduction Group Policy Overview Types of Group Policies/Objects Associated Technologies How to implement.

Slides:

Advertisements

Similar presentations

Auditing Microsoft Active Directory

Advertisements

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Module 5: Creating and Configuring Group Policy

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Managing User Settings with Group Policy

Chapter 8 Configuring Group Policies

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Group Policy in Microsoft Windows Active Directory.

Understanding Group Policy on Windows Server 2003 John Howard, IT Pro Evangelist, Microsoft UK

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

GROUP POLICY An overview of Microsoft Windows Group Policy.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.

Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Introduction to Group Policy

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

Using Group Policy to Manage User Environments. Overview Introduction to Managing User Environments Introduction to Administrative Templates Assigning.

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

Section 2: Using Group Policy Management Tools Local vs. Domain Policies Editing Local Policies Managing Domain Policies Understanding Group Policy Refresh.

Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.

Managing User Desktops with Group Policy

Active Directory Windows2003 Server. Agenda What is Active Directory What is Active Directory Building an Active Directory Building an Active Directory.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

Overview Introduction to Managing User Environments Introduction to Administrative Templates Using Administrative Templates in Group Policy Assigning Scripts.

Lesson 17-Windows 2000/Windows 2003 Server Security Issues.

Module 6: Implementing Group Policy. Overview Implementing Group Policy Objects Implementing GPOs in a Domain Managing the Deployment of Group Policy.

Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.

Module 6: Configuring User Environments Using Group Policy.

Module 7: Managing the User Environment by Using Group Policy.

Module 7 Configure User and Computer Environments By Using Group Policy.

Planning a Group Policy Management and Implementation Strategy Lesson 10.

Implementing Group Policy. Overview What is Group Policy Introduction to Group Policy Group Policy Structure How Group Policy Settings Are Applied in.

4. Managing the Desktop Thomas Lee Chief Technologist – QA plc.

Labs. Lab Session 1: Administering Windows Server 2008 Exercise 1: Install the DNS Server Role Exercise 2: Configuring Remote Desktop for Administration.

Module 5: Implementing Group Policy

Module 11: Troubleshooting Group Policy Issues. Module Overview Introduction to Group Policy Troubleshooting Troubleshooting Group Policy Application.

Active Directory Group Policy. Group Policy Overview  Successor to NT policies Much more flexible  Only applies to 2000 workstations Use old style policies.

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 11: Group Policy for Corporate Policy.

Module 5: Creating and Configuring Group Policies.

Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.

Administering Group Policy Chapter Eleven. Exam Objectives in this Chapter  Plan a Group Policy strategy using Resultant Set of Policy Planning mode.

Implementing Group Policy

Week 4 Objectives Overview of Group Policy Group Policy Processing Implementing a Central Store for Administrative Templates.

Implementing a Group Policy Infrastructure

11 INTRODUCTION TO GROUP POLICY Chapter 7. Chapter 7: INTRODUCTION TO GROUP POLICY2 WHAT CAN YOU DO WITH GROUP POLICY?  Control the user environment.

Module 6 Creating and Configuring Group Policy. Module Overview Overview of Group Policy Configuring the Scope of Group Policy Objects Evaluating the.

Chapter 7: Managing and Troubleshooting Group Policy.

Module 8 Implementing Security Using Group Policy.

Windows Server 2003 群組原則設定與管理林寶森

GROUP POLICY. Group Policy is a hierarchical infrastructure which allows systems administrators to configure computer and user settings from a central.

Unit 8 NT1330 Client-Server Networking II Date: 2?10/2016

1.1 Microsoft® Windows® 2003 Server Group Policy Management Prof. Abdul Hameed.

Module 8: Implementing Group Policy. Overview Multimedia: Introduction to Group Policy Implementing Group Policy Objects Implementing GPOs on a Domain.

Introduction to Group Policy Lesson 7. Group Policy Group Policy is a method of controlling settings across your network. – Group Policy consists of user.

Configuring Windows Firewall with Advanced Security

Implementing Active Directory Domain Services

Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016

Utilize Group Policy Terminal Server Settings

Planning a Group Policy Management and Implementation Strategy

Windows Server 2008 Administration

Introduction to Group Policy

Presentation transcript:

GPO - WINDOWS SERVER 2012

AGENDA: Introduction Group Policy Overview Types of Group Policies/Objects Associated Technologies How to implement

3 3 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. GROUP POLICY OVERVIEW Group Policy Definition Preferences Define Scope of Policy (Site, Domain, Etc.) Inheritance/Enforce/Block Administration/GPMC Naming Conventions Security Filtering/WMI Filters RSOP /Modeling Login Scripts/Startup Scripts Fine-grained Password Policies Security Templates (More detail later) Machine vs. User Policies Group Policy Loop-back Change Control

4 4 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. USER AND COMPUTER CONFIGURATION SETTINGS Group Policy settings for users:  Desktop settings  Software settings  Windows settings  Security settings Group Policy settings for computers:  Desktop behavior  Software settings  Windows settings  Security settings

5 5 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. GPO COMPONENTS Contains Group Policy settings Stores content in two locations Group Policy Object Stored in shared SYSVOL folder Provides Group Policy settings Stored in shared SYSVOL folder Provides Group Policy settings Group Policy Template Stored in Active Directory Provides version information Stored in Active Directory Provides version information Group Policy Container

6 6 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. WHEN IS A GPO APPLIED? Computer starts Computer settings applied Startup scripts run Computer settings applied Startup scripts run Refresh Interval User logs on User settings applied Logon scripts run User settings applied Logon scripts run Refresh Interval

7 7 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. GPMC (GROUP POLICY MANAGEMENT CONSOLE)

8 8 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. WHAT IS A GPO LINK? Organizational Unit GPO Site GPO Domain GPO Site Domain OU Applied in order: Local  Site  Domain  OU

9 9 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. GP ENFORCEMENT

10 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. POLICY FILTERING

11 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. SITE POLICIES Second only to local polices Conditional Polices depending on Network location (VPN, DMZ, etc) Time Zones Printer location related policies

12 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. DOMAIN POLICIES Password and Account Policies Security and Auditing Policies Control Restricted Domain Groups Do not use the Default Domain Policy

13 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. DEFAULT DOMAIN POLICIES Password Settings Account Lockout Settings Allow system to be shutdown without having to log on Change Administrator account name to: Change Guest account name to: Clear pagefile on shutdown Digitally sign server side communication Digitally sign client communication

14 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. FINE GRAINED PASSWORD POLICIES New in AD DS 2008 Allows companies to define different password policies for groups within their organization, without creating separate domains

15 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. USER POLICIES Desktop lockdown discussion » Removal of My Documents folder from computer/Redirection » Removal of context menus » Remove Add/Remove programs » Password protect screen saver » Standard desktop? – same screen saver, desktop background, fonts, etc for certain users? » Allow/disallow shared folders » Login/Logout Scripts- SW installation » Loopback processing mode (Kiosks)

16 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. MACHINE POLICIES Roaming profiles – on or off, should they propagate to server Startup scripts and shutdown scripts – async or sync Run this at user logon – no matter which user Disk quotas Dynamic DNS Group policy refresh interval Security policy EFS policy (desktops) Remote assistance on/off (desktops) system restore on/off/settings (desktops) NTP – time settings

17 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. GUIDELINES FOR PLANNING GPOS Apply GPO settings at the highest level Reduce the number of GPOs Create specialized GPOs Use the Enforced option only when required Use Block Inheritance sparingly Use security filtering only when necessary

18 CDW — PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY. Questions?