CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

Slides:



Advertisements
Similar presentations
Understanding Group Policy on Windows Server 2003.
Advertisements

Module 5: Creating and Configuring Group Policy
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
Managing User Settings with Group Policy
Chapter 8 Configuring Group Policies
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.
10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Lesson 16: Creating Group Policy Objects
7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
(ITI310) By Eng. BASSEM ALSAID SESSIONS
Understanding Group Policy on Windows Server 2003 John Howard, IT Pro Evangelist, Microsoft UK
9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.
9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.
1 Chapter Overview Understanding Group Policies Implementing Group Policies Using Security Policies Troubleshooting Group Policy Problems.
Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.
Introduction to Group Policy
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Using Group Policy to Manage User Environments. Overview Introduction to Managing User Environments Introduction to Administrative Templates Assigning.
Using Group Policy Lesson 4. Skills Matrix Technology SkillObjective Domain SkillDomain # Creating and Understanding Group Policy Modeling and Group Policy.
Section 2: Using Group Policy Management Tools Local vs. Domain Policies Editing Local Policies Managing Domain Policies Understanding Group Policy Refresh.
7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Overview Introduction to Managing User Environments Introduction to Administrative Templates Using Administrative Templates in Group Policy Assigning Scripts.
Module 6: Implementing Group Policy. Overview Implementing Group Policy Objects Implementing GPOs in a Domain Managing the Deployment of Group Policy.
Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.
11.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 11: Planning.
Module 7: Managing the User Environment by Using Group Policy.
Module 7 Configure User and Computer Environments By Using Group Policy.
Planning a Group Policy Management and Implementation Strategy Lesson 10.
Implementing Group Policy. Overview What is Group Policy Introduction to Group Policy Group Policy Structure How Group Policy Settings Are Applied in.
GPO - WINDOWS SERVER AGENDA: Introduction Group Policy Overview Types of Group Policies/Objects Associated Technologies How to implement.
4. Managing the Desktop Thomas Lee Chief Technologist – QA plc.
Section 11: Implementing Software Restriction Policies and AppLocker What Is a Software Restriction Policy? Creating a Software Restriction Policy Using.
CN2140 Server II Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Module 5: Implementing Group Policy
Module 11: Troubleshooting Group Policy Issues. Module Overview Introduction to Group Policy Troubleshooting Troubleshooting Group Policy Application.
Section 4: Understanding the Architecture of Group Policy Processing Group Policy Components in AD DS Understanding the Group Policy Processing Sequence.
Active Directory Group Policy. Group Policy Overview  Successor to NT policies Much more flexible  Only applies to 2000 workstations Use old style policies.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 11: Group Policy for Corporate Policy.
Module 5: Creating and Configuring Group Policies.
Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.
1 Group Policies (Week 11, Monday 3/19/2007) © Abdou Illia, Spring 2007.
DPW © DPW © Donna Warren WINDOWSSERVER2008 Windows Server 2008 Security UNIT 11.
Administering Group Policy Chapter Eleven. Exam Objectives in this Chapter  Plan a Group Policy strategy using Resultant Set of Policy Planning mode.
Implementing Group Policy
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
Week 4 Objectives Overview of Group Policy Group Policy Processing Implementing a Central Store for Administrative Templates.
Implementing a Group Policy Infrastructure
11 INTRODUCTION TO GROUP POLICY Chapter 7. Chapter 7: INTRODUCTION TO GROUP POLICY2 WHAT CAN YOU DO WITH GROUP POLICY?  Control the user environment.
Module 6 Creating and Configuring Group Policy. Module Overview Overview of Group Policy Configuring the Scope of Group Policy Objects Evaluating the.
Module 11: Troubleshooting Group Policy Issues. Module Overview Introduction to Group Policy Troubleshooting Troubleshooting Group Policy Application.
10.1 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam Microsoft® Windows® 2000 Directory Services Infrastructure.
Windows Server 2003 群組原則設定與管理 林寶森
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
GROUP POLICY. Group Policy is a hierarchical infrastructure which allows systems administrators to configure computer and user settings from a central.
Unit 8 NT1330 Client-Server Networking II Date: 2?10/2016
1.1 Microsoft® Windows® 2003 Server Group Policy Management Prof. Abdul Hameed.
Module 8: Implementing Group Policy. Overview Multimedia: Introduction to Group Policy Implementing Group Policy Objects Implementing GPOs on a Domain.
Introduction to Group Policy Lesson 7. Group Policy Group Policy is a method of controlling settings across your network. – Group Policy consists of user.
Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016
Utilize Group Policy Terminal Server Settings
Windows Server 2008 Administration
Introduction to Group Policy
Presentation transcript:

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

Agenda Chapter 7: Introduction to Group Policy Quiz Exercise

Group Policy Group Policy is a method of controlling settings across your network ▫Consists of user and computer settings on all versions from Windows 2000 Linking is a process, which applies GPOs settings to various containers (domain, sites and OUs) within Active Directory ▫Link multiple GPOs to a single container ▫Link one GPO to multiple containers

Group Policy (Cont.) The following managed settings can be defined or changed through Group Policies: ▫Registry-based policies  Modify the Windows Registry – desktop settings, env. variable ▫Software installation policies  To ensure that users always have the latest versions of applications. ▫Folder redirection ▫Offline file storage

Group Policy (Cont.) The following managed settings can be defined or changed through Group Policies: ▫Scripts  Including logon, logoff, startup, and shutdown scripts ▫Windows Deployment Services (WDS) ▫Ms IE settings  Provide quick links and bookmarks for user accessibility, browser options such as proxy use, acceptance of cookies, and caching options ▫Security settings  Protect resources on computers in the enterprise

Security group filtering Allows you to apply GPO settings to only one or more users or groups within a container by selectively granting permission to one or more users or security groups

Group Policy Objects (GPOs) Local GPOs ▫Stored on the local computer in the %systemroot%/System32/GroupPolicy folder. ▫Local GPOs contain fewer options. ▫Do not support folder redirection or Group Policy software installation. ▫The local GPO is overwritten by the nonlocal GPO (AD-based), when in conflict Domain GPOs Start GPOs ▫GPO templates within AD

Group Policy Objects (Cont.) Nonlocal GPO are linked to sites, domains, or Ous. GPOs are stored in two places: ▫Group Policy container (GPC) — An Active Directory object that stores the properties of the GPO. ▫Group Policy template (GPT) — Located in the Policies subfolder of the SYSVOL share, the GPT is a folder that stores policy settings, such as security settings and script files.

Default Group Policies When Active Directory is installed, two domain GPOs are created by default. ▫Default Domain Policy  It is linked to the domain, and its settings affect all users and computers in the domain. ▫Default Domain Controller Policy  It is linked to the Domain Controllers OU and its settings affect all domain controllers in the domain.

Group Policy Management Console Microsoft Management Console (MMC) snap-in ▫The GPMC was not pre-installed in Windows Server 2003; it needed to be downloaded manually from the Microsoft Web site. ▫The GPCM is included in Windows Server 2008 by default. When you configure a GPO, you will use the Group Policy Management Editor, which can be accessed through the GPMC or through Active Directory Users and Computers.

Group Policy Settings Configuring Group Policy settings enables you to customize the configuration of a user’s desktop, environment, and security settings. The actual settings are divided into two subcategories: ▫Computer Configuration ▫User Configuration

Group Policy Settings (Cont.) The Computer Configuration and the User Configuration nodes contain three subnodes: ▫Software Settings  Used to apply all the software settings regardless of the computer ▫Windows Settings  Used for define security settings and scripts. ▫Administrative Templates

GPO Inheritance You link a GPO to a domain, site, or OU or create and link a GPO to one of these containers in a single step. The settings within that GPO apply to all child objects within the object.

Group Policy Processing (LSDOU) Local policies Site policies Domain policies OU Policies Any conflicting GPO settings are overwritten by the later running GPO

Understanding Group Policy Processing The computer will obtain a list of GPOs during startup Computer configuration settings are applied synchronously during computer startup before the Logon dialog box is presented to the user Any startup scripts set to run during computer startup are processed. Then user is prompted to press Ctrl+Alt+Del to log on

Understanding Group Policy Processing The user profile is loaded based on the Group Policy settings A list of GPOs specific for the user is obtained from the domain controller. ▫User Configuration settings also are processed in the LSDOU sequence. After the user policies run, any logon scripts run The user's desktop appears after all policies and scripts have been processed.

Configuring Exceptions to GPO Processing Enforce ▫Forces a particular GPO’s settings to flow down through the Active Directory without being blocked by any child OUs. Block Policy Inheritance ▫Configuring this setting on a container object such as a site, domain, or OU will block all policies from parent containers Loopback Processing ▫Alternative method of obtaining the ordered list of GPOs to be processed for the user. ▫When set to Enabled, this setting has two options: Merge and Replace.

GPUpdate Command If you make changes to a group policy, users may not see changes take effect until: ▫They log off or log back in. ▫They Reboot the computer. ▫They wait 90 minutes (+/- 30 minutes) for stand- alone servers/workstations and 2 minutes for domain controllers. To manually push group policies, you need to use the gpupdate command: Gpupdate /force

Assignment Matching ▫1-10 Multiple Choice ▫1-10 Online Lab 7