Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Wiley Inc. 2006. All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.

Published byJacob Woods Modified over 9 years ago

Similar presentations

Presentation on theme: "© Wiley Inc. 2006. All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition."— Presentation transcript:

1 © Wiley Inc. 2006. All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition (70-294) Chapter 8: Planning, Implementing, and Managing Group Policy

2 Group Policies 2 © Wiley Inc. 2006. All Rights Reserved. Replace System Policies that existed in previous versions Designed to allow system administrators to customize end user settings and place restrictions on the types of actions that users can perform

3 Group Policy Settings 3 © Wiley Inc. 2006. All Rights Reserved. Based on administrative templates Typically three different setting options: –Enabled –Disabled –Not configured

4 Main Types of Setting Options 4 © Wiley Inc. 2006. All Rights Reserved. Software settings Windows settings Administrative templates

5 Group Policy Objects 5 © Wiley Inc. 2006. All Rights Reserved. Can hold Group Policies; act as containers for the settings made within Group Policy files Settings can be applied at three different levels: –Sites –Domains –Organizational Units

6 Inheritance Options 6 © Wiley Inc. 2006. All Rights Reserved. Block Policy Inheritance – settings for an object are not inherited from its parents Force Policy Inheritance – all lower- level objects inherit these settings

7 Planning a Group Policy Strategy 7 © Wiley Inc. 2006. All Rights Reserved. The overall goal is to reduce complexity, while still meeting the needs of your users By implementing a logical and consistent set of policies, you’ll be prepared to troubleshoot any problems that arise and to adapt to changing requirements

8 Tools for Creating GPOs 8 © Wiley Inc. 2006. All Rights Reserved. Local Security Policy Domain Security Policy Domain Controller Security Policy Active Directory Sites and Services Active Directory Users and Computers MMC Group Policy snap-in

9 Linking GPOs 9 © Wiley Inc. 2006. All Rights Reserved. After creation, the GPO must be linked to a specific Active Directory object GPOs can be linked to: –Sites –Domains –OUs

10 Default Administrative Templates 10 © Wiley Inc. 2006. All Rights Reserved. Common.adm Conf.adm Inetcorp.adm Inetres.adm Inetset.adm System.adm Windows.adm Winnt.adm Wmplayer.adm Wuau.adm

11 GPO Security Settings 11 © Wiley Inc. 2006. All Rights Reserved. Full Control Read Write Create All Child Objects Delete All Child Objects Apply Group Policy

12 Delegating Administrative Control of GPOs 12 © Wiley Inc. 2006. All Rights Reserved. Can be done with the Delegation of Control Wizard Allows you to grant appropriate permissions

13 Script Policies 13 © Wiley Inc. 2006. All Rights Reserved. Specific options that are part of Group Policy settings for users and computers Created using the Windows Script Host (WSH) or batch file commands Two main areas: –Startup/Shutdown scripts –Logon/Logoff scripts

14 Network Configuration Settings 14 © Wiley Inc. 2006. All Rights Reserved. Computer Network options User Network options

15 Microsoft’s PKI Implementation 15 © Wiley Inc. 2006. All Rights Reserved. Certificate Authorities (CAs) Certificate publishers PKI-savvy applications Certificate templates

16 Folder Redirection 16 © Wiley Inc. 2006. All Rights Reserved. Can be useful when data must always be available regardless of where user logs on Can be done with two options: –Basic –Advanced

17 RSoP 17 © Wiley Inc. 2006. All Rights Reserved. Resultant Set of Policy runs in two modes: –Logging mode –Planning mode Command-line grpresult.exe will take a snapshot of the settings that currently apply

18 Gpresult Switches 18 © Wiley Inc. 2006. All Rights Reserved. /S = generates RSoP for remote computer /USER = generates RSoP for remote user /V = verbose mode /Z = more verbose /SCOPE MACHINE = displays maximum machine information /SCOPE USER = displays maximum user information

Download ppt "© Wiley Inc. 2006. All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition."

Similar presentations

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.
Guide to MCSE 70-290, Enhanced 1 Activity 14-1: Browsing Security Templates Objective: To become familiar with built-in security templates Start  Run.

Guide to MCSE , Enhanced 1 Activity 14-1: Browsing Security Templates Objective: To become familiar with built-in security templates Start  Run.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
Understanding Group Policy on Windows Server 2003 Michael J. Murphy TechNet Presenter

Understanding Group Policy on Windows Server 2003 Michael J. Murphy TechNet Presenter
Understanding Group Policy on Windows Server 2003.

Understanding Group Policy on Windows Server 2003.
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
MIS 431 - Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Administering Active Directory

Administering Active Directory
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Lesson 16: Creating Group Policy Objects

Lesson 16: Creating Group Policy Objects
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.

Similar presentations

Ads by Google