Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows Server 2008 Administration

Published byRoderick Hoover Modified over 6 years ago

Similar presentations

Presentation on theme: "Windows Server 2008 Administration"— Presentation transcript:

1 Windows Server 2008 Administration

2 Contents Defining Administrative Model Configuring Sites
Examining Server 2008 R2 Active Directory Groups Creating Groups Managing Users with Local Security &Group Policies Managing Printers with Print Management Console

3 Administrative Model

4 Models Centralized Distributed mix
all critical servers are housed in 1 or a few locations Distributed opposite of centralized model in that tasks can be divided among IT & non-IT staff members in various locations. mix mix of administrative responsibilities using both centralized and distributed admin

5 Creating a Site

6

7 Creating Site Subnets

8 Adding Domain Controllers to Sites

9

10 Establishing Site Links

11

12 Delegating Control at Site Level

13

14 Group Types Distribution Groups
allow for grouping of contacts, users, or groups primarily for ing purposes cannot be used for granting or denying access to domain-based resources Discretionary access control lists (DACLs), which are used to grant or deny access to resources or define user rights, are made up of access control entries (ACEs)

15 Security Groups security enabled
used for assigning user rights and resource permissions or for applying computer and Active Directory-based group policies. can be defined for different levels of responsibility

16 Group Scopes in Active Directory
Domain Local Groups to assign permissions to perform domain-based administrative tasks and to access resources hosted on domain controllers Global Groups more functional than domain local groups. Universal Groups can contain users, groups, contacts, or computers from any domain in forest

17

18 Creating Groups

19

20 Populating Groups

21 Group Management

22

23 Viewing Policies with Group Policy Management Console

24 Creating New Group Policies

25

26

27 enable or disable entire GPO

28 Block Policy Inheritance

29

30 Enforce Option

31 Group Policy Modeling Tool

32

33 Managing Printers with Print Management Console

34 Install Print Management Console

35 Configuring Print Management Console

36 Printers as Network Shared Resources

37 Adding Print Servers to the Print Management Console

38 create a custom printers view

39

40 Group Policies and Policy Management
Overview Group Policy Processing - How Does It Work? Local Group Policies Security Templates Elements of Group Policy Group Policy Administrative Templates Explained Policy Management Tools Designing a Group Policy Infrastructure GPO Administrative Task

41 Overview mechanism used to centrally secure, configure, and deploy a common set of PC and user configurations, security settings organizations to enforce configurations, simplify desktop administration, secure access to network resources

42 example end-user password policy requires must exceed seven characters
must be changed every 30 days  group policies can be configured to apply

43 How Does It Work? each policy contain specific settings to define how and when a policy will be processed In GPO

44 Managing Group Policy Processing with GPO Settings
Within the Policies\Administrative Templates\System\GroupPolicy section of both Computer Configuration and User Configuration nodes of a GPO

45

46 Local Group Policies local group policies
exist on all Windows systems Active Directory group policies only on Active Directory forest

47 Local Group Policies config computer and user environment.

48 Security Templates Includes settings for computer audit policies
account management user rights assignments.

49

50 Elements of Group Policy
Group Policy Objects predefined set of available settings that can be applied to Active Directory computer and/or user objects. GPO Storage and Replication GPOs are stored in both file system and Active Directory database. Each domain GPO has a corresponding folder located within sysvol\companyabc.com\Policies

51 Group Policy Object Replication
replicated by domain controllers User Subfolder files and folders used to store the settings, Machine Subfolder files and folders used to store the settings, software, scripts, and any other policy settings specific to machine or computer object policies configured within a particular GPO ADM Subfolder created on new GPOs when legacy administrative template files are imported into a GPO. registry.pol Files settings are segmented into several sections gpt.ini File root of GPO folder Contains revision number of the GPO.

52 Group Policy Administrative Templates
include clearly defined settings that can be set to a number of different values a new GPO is created, a base set of administrative templates are imported or referenced within that policy.

53 Starter GPOs contain settings available from administrative templates.
security templates be used to import and export configured settings within security section of a policy used to prepopulate configured settings in Administrative Templates sections

54 Policy Settings configurable options made available within a particular GPO one of three values: not configured, enabled, or disabled.

55 Preference Settings Group Policies have two main setting nodes,
configure many default or initial configuration and environmental settings for users and computers. Start menu on Windows 7

56 Group Policy Object Links
key to deploying GPOs to a predetermined set of Active Directory computers and/or users. GPOs can be linked to Active Directory sites, domains, and organizational units (OUs).

57 Group Policy Link Enforcement

58 Group Policy Inheritance
allows admin to set a common base policy across AD infrastructure while allowing other admin to apply more granular policies at a lower level that apply to subsets of users or computer

59

60 GPO Filtering only desired computers or users actually apply policy
GPO security filtering where administrators can define which users, computers, or members of security groups will actually apply the group policy. GPO WMI filtering WMI filter is a query that is processed by computer objects only and be used to include or exclude particular computer objects from applying a GPO GPO status enables administrators to change the GPO

61

62 Group Policy Administrative Templates Explained

63 Policy Management Tools
Group Policy Management Console (GPMC) Group Policy Object Editor (GPOE) gpupdate.exe

64 Group Policy Management Console (GPMC)

65 Group Policy Object Editor (GPOE)

66 Print Management Console

67 Gpupdate

68 GPO Administrative Tasks
Installing Group Policy Management Tools Creating a GPO Central Store Verifying Usage of GPO Central Store Creating and Utilizing Starter GPOs Backing Up and Restoring Starter GPOs Creating New Domain Group Policies Managing GPO Status Creating and Linking WMI Filters to GPOs Managing GPO Security Filtering

69 Installing Group Policy Management Tools

70 Creating a GPO Central Store

71 Verifying Usage of GPO Central Store

72

73 Creating & Utilizing Starter GPOs

74 Backing Up & Restoring Starter GPOs

75 Saving a Starter GPO as a Cabinet File

76 Restoring a Starter GPO from Backup

77 Creating New Domain Group Policies

78 Creating & Configuring GPO Links

79 Managing GPO Status

80 Creating & Linking WMI Filters to GPOs

81

82

83 Managing GPO Security Filtering

84 Viewing GPO Settings & Creating Reports

Download ppt "Windows Server 2008 Administration"

Similar presentations

Auditing Microsoft Active Directory

Auditing Microsoft Active Directory
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.

11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Administering Active Directory

Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Understanding Active Directory

Understanding Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
Chapter 7 WORKING WITH GROUPS.

Chapter 7 WORKING WITH GROUPS.
(ITI310) By Eng. BASSEM ALSAID SESSIONS 9-10-11 2008.

(ITI310) By Eng. BASSEM ALSAID SESSIONS

Similar presentations

Ads by Google