Presentation is loading. Please wait.

Presentation is loading. Please wait.

Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016

Published byHubert Simmons Modified over 6 years ago

Similar presentations

Presentation on theme: "Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016"— Presentation transcript:

1 Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016
ITT TECHNICAL INSTITUTE NT1330 Client-Server Networking II Date: 8/2/2016 Instructor: Williams Obinkyereh

2 Class Agenda 1 Learning Objectives Lesson Presentation, Discussions and video. Assignments and Lab Activities. Break Times as per School regulation Note: Submit all Assignment and labs due today.

3 Class Agenda 2 Theory : Unit 8:00pm-8:00pm) Lab : (8:15pm to 11:00pm) Text book for Unit 8: Windows Server 2008 Active Directory Configuration MOAC Lesson 7 and 8

4 Introduction to Group Policy
Lesson 7

5 Configuring the User and Computer Environment Using Group Policy
Lesson 8

6 Group Policy Group Policy is a method of controlling settings across your network. Group Policy consists of user and computer settings. You can configure one or more GPOs within a domain (domain, sites and OUs) within Active Directory. You can link multiple GPOs to a single container or link one GPO to multiple containers throughout the Active Directory structure. Emphasize the power of group policies and all of the wonderful things you can do with them. Also explain how group policies are essential to security.

7 Group Policy The following managed settings can be defined or changed through Group Policies: Registry-based policies Software installation policies Folder redirection Offline file storage

8 Group Policy Scripts Windows Deployment Services (WDS)
Microsoft Internet Explorer settings. Security settings

9 Group Policy Objects (GPOs)
There are three types of GPOs: Local GPOs. Domain GPOs. Starter GPOs.

10 Default Group Policies
When Active Directory is installed, two domain GPOs are created by default. Default Domain Policy. Default Domain Controller Policy

11 Creating and Managing Group Policies
The Group Policy Management Console (GPMC) is the Microsoft Management Console (MMC) snap-in that is used to create and modify Group Policies and their settings. The GPMC is not explained in the book until a later chapter. But you need to use it for the students to see group policies in this chapter.

12 Group Policy Management Console (GPMC)
Show group policies and how to set them.

13 The actual settings are divided into two subcategories:
Group Policy Settings Configuring Group Policy settings enables you to customize the configuration of a user’s desktop, environment, and security settings. The actual settings are divided into two subcategories: Computer Configuration User Configuration

14 Group Policy Processing (LSDOU)
Local policies. Site policies. Domain policies. OU policies. Any conflicting GPO settings are overwritten by the later running GPO.

15 To manually push group policies, you need to use the gpupdate command:
If you make changes to a group policy, users may not see changes take effect until: They log off or log back in. They Reboot the computer. They wait 90 minutes (+/- 30 minutes) for stand-alone servers/workstations and 2 minutes for domain controllers. To manually push group policies, you need to use the gpupdate command: Gpupdate /force This is introduced in next chapter but should be emphasized often.

16 Security Settings

17 Security Settings

18 Security Settings

19 Account Policies Account policies influence how a user interacts with a computer or a domain. By default, they are linked to the Default Domain Policy. This account policy is applied to all accounts throughout the domain by default, unless you create one or more Fine-Grained Password Policies (FGPP) that override the domain-wide policy. These Fine-Grained Password Policies can be applied.

20 Kerberos Policy Kerberos is the default mechanism for authenticating domain users in Windows Server 2008, Windows Server 2003, and Microsoft Windows Kerberos is a ticket-based system that allows domain access by using a Key Distribution Center (KDC), which is used to issue Kerberos tickets to users, computers, or network services.

21 Kerberos Policy

22 Local Policies Allow administrators to set user privileges on the local computer that govern what users can do on the computer and determine if these actions are tracked within an event log (auditing): User Rights Assignment. Security Options. Audit Policy.

23 User Rights Go over the key user rights. Also explain the local logon right and how you get a message if you don’t have it.

24 Audit Policy Show auditing policies. Also file auditing.

25 Restricted Groups Policy
Allows an administrator to specify group membership lists. You can control membership in important groups, such as the local Administrators and Backup Operators groups.

26 Folder Redirection Policy
Folder redirection provides administrators with the ability to redirect the contents of certain folders to a network location or to another location on the user’s local computer. Contents of folders on a local computer located in the Documents and Settings folder, including the Documents, Application Data, Desktop, and Start Menu folders, can be redirected.

27 Offline Files Policy A separate Group Policy category that can allow files to be available to users, even when the users are disconnected from the network.

28 Disk Quotas Limit the amount of space available on the server for user data.

29 Summary Group Policy consists of user and computer settings that can be implemented during computer startup and user logon. These settings can be used to customize the user environment, to implement security guidelines, and to assist in simplifying user and desktop administration. Group Policies can be beneficial to users and administrators. They can be used to increase a company's return on investment and to decrease the overall total cost of ownership for the network.

30 Summary Most security-related settings are found within the Windows Settings node of the Computer Configuration node of a GPO. Policy settings that you wish to apply to all computers or users within a domain should be made within the Default Domain Policy GPO. Generally, domain-wide account policies, such as Password Policies, Account Lockout, and Kerberos settings, are modified here.

31 Unit 8 Assignments and Labs
Unit 8. Assignment 1. Group Policy in a Mixed Client OS Environment Unit 8. Lab 1. Exploring Group Policy Administration Unit 8. Exercise 1. Administrative Control versus Trust: Research/Scenario

Download ppt "Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016"

Similar presentations

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Understanding Group Policy on Windows Server 2003.

Understanding Group Policy on Windows Server 2003.
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
MIS 431 - Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Lesson 16: Creating Group Policy Objects

Lesson 16: Creating Group Policy Objects
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
GROUP POLICY An overview of Microsoft Windows Group Policy.

GROUP POLICY An overview of Microsoft Windows Group Policy.
Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Similar presentations

Ads by Google