Presentation is loading. Please wait.

Presentation is loading. Please wait.

Group Policies (the day after) Group Policy Preferences Powershell.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Group Policies (the day after) Group Policy Preferences Powershell."— Presentation transcript:

1

2 Group Policies (the day after) Group Policy Preferences Powershell

3 How can we keep track of what we have done or changed? We can name the policy appropriately based on function or grouping of settings – Interactive_Logon_Policy – Internet_Explorer_Policy The GPMC allows us to make comments regarding a particular policy.

4 What should we comment on? – Who’s in charge of the GPO – Who to call if there is a problem? – Who is supposed to be affected by this GPO? – Detailed information about what this GPO should do – Who will get fired if this doesn’t work

5 Comments… GPMC  Select Policy  Edit  Right click on Policy name (see below)  Properties

6 Comments…

7 Controlling how GPO’s run – Disable local GPOs from applying CC  Policies  Admin Templates  System  Group Policy

8 Controlling how GPO’s run – Disable Link Enabled Status – Disable “half” of a Group Policy Will speed up processing (not very noticeable)

9 Controlling how GPO’s run – The Enforced Function Guarantees that policy settings within a GPO from a higher level are always inherited by lower levels Right click on Policy and choose Enforce

10 Group Policy Preferences (GPP) are essentially an extension DLL (dynamic link library) that does a bunch of stuff. Can be “undone” by the user

11 Computer Configuration  Preferences  Windows Settings Environment: – Set user and system environment variables – Change the Windows system path variable Files – Copy files from point A to point B Server share to %Documents% on the local system Folders – Create, delete or empty folders

12 Network Shares – Create shares on workstations or servers Shorcuts – Place program or URL on desktops, startup folder, Programs folders, etc etc.

13 Computer/User Configuration  Preferences  Control Panel

14 Common Control Panel Settings Local users and groups – Create/change local users – Modify local user passwords – Change local user group membership Power Options – Create power options for XP – Create power plans for Vista and later

15

16 Printers – Computer  Local/IP – User  Local/IP/Shared

17 Microsoft ® shell environment Gives administrators more power and command in the shell environment – Hence…PowerShell? Active Directory Module for Windows® Powershell allows for Active Directory specific command-line and scripted operations Only available in Windows ® Server R2 and Windows ® 7

18 First, we need to understand naming formats – Distinguished name  cn=John Doe, OU=Sale_OU, DC=MS1, DC=local – RDN  Relative Distinguished Name CN  Common Name DC  Domain Component OU  Organizational Unit – Fully Qualified Domain Name (FQDN)  SVBlue1.ms1.local

19 Growing resources daily – http://technet.microsoft.com/en- us/scriptcenter/powershell.aspx http://technet.microsoft.com/en- us/scriptcenter/powershell.aspx – http://gallery.technet.microsoft.com/ScriptCenter/en-us/ http://gallery.technet.microsoft.com/ScriptCenter/en-us/ – http://technet.microsoft.com/en- us/library/dd378937(WS.10).aspx http://technet.microsoft.com/en- us/library/dd378937(WS.10).aspx

20 Creating an Active Directory user account: – New-aduser How do I use it? Get HELP! No seriously get- help – Get-help new-aduser – Get-help new-aduser –examples – Get-help new-aduser –detailed new-aduser jdoe New-aduser “John Doe” –samaccountname “jdoe” –Givenname “John” –Surname ……..

21 Setting Passwords – Set-ADAccountPassword –Identity jdoe -Reset - NewPassword (ConvertTo-SecureString - AsPlainText "p@ssw0rd" –Force) Change attributes for multiple users – Get-ADUser -Filter 'Name -like "*"' -SearchBase "OU=Sale_OU,DC=MS1, DC=Local" | Set-ADUser - Description "Member of the Sales Department"

22 Display user attributes – Get-aduser jdoe – Get-aduser jdoe –properties * | more Add groups and members – Add-adgroupmember “Sale_Group” – Add-adgroupmember “Sale_Group” –member jdoe A great deal more online

23 You can add comments to help document GPOs Enforced Function overrules blocking of inheritance You can disable “half” of a GPO GPP’s can be undone by the users Active Directory Module for Windows® Powershell allows for command-line and scripted operations

Download ppt "Group Policies (the day after) Group Policy Preferences Powershell."

Similar presentations

NREL is a national laboratory of the U.S. Department of Energy Office of Energy Efficiency and Renewable Energy operated by the Alliance for Sustainable.

NREL is a national laboratory of the U.S. Department of Energy Office of Energy Efficiency and Renewable Energy operated by the Alliance for Sustainable.
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
Managing User Settings with Group Policy

Managing User Settings with Group Policy
New Microsoft ® shell environment Gives administrators more power and command in the shell environment – Hence…PowerShell? Active Directory Module for.

New Microsoft ® shell environment Gives administrators more power and command in the shell environment – Hence…PowerShell? Active Directory Module for.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
MIS 431 - Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Chapter 7 WORKING WITH GROUPS.

Chapter 7 WORKING WITH GROUPS.
(ITI310) By Eng. BASSEM ALSAID SESSIONS 9-10-11 2008.

(ITI310) By Eng. BASSEM ALSAID SESSIONS
Microsoft ® Official Course Module 4 Automating Active Directory Domain Services Administration.

Microsoft ® Official Course Module 4 Automating Active Directory Domain Services Administration.
11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.

11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.
Active Directory: OU Administration December 17th, 2008 1-4pm Daniels 407.

Active Directory: OU Administration December 17th, pm Daniels 407.

Similar presentations

Ads by Google