Presentation is loading. Please wait.

Presentation is loading. Please wait.

11 INTRODUCTION TO GROUP POLICY Chapter 7. Chapter 7: INTRODUCTION TO GROUP POLICY2 WHAT CAN YOU DO WITH GROUP POLICY?  Control the user environment.

Published byPierce O’Neal’ Modified over 9 years ago

Similar presentations

Presentation on theme: "11 INTRODUCTION TO GROUP POLICY Chapter 7. Chapter 7: INTRODUCTION TO GROUP POLICY2 WHAT CAN YOU DO WITH GROUP POLICY?  Control the user environment."— Presentation transcript:

1 11 INTRODUCTION TO GROUP POLICY Chapter 7

2 Chapter 7: INTRODUCTION TO GROUP POLICY2 WHAT CAN YOU DO WITH GROUP POLICY?  Control the user environment.  Manipulate Start menu options, wallpaper, colors, and so on.  Prevent users from using Control Panel.  Control the computer settings.  Configure DNS client settings.  Configure the time server client computers use.  Distribute software.  Force software installation.  Allow for easy optional software installation through Add/Remove Programs.  Control the user environment.  Manipulate Start menu options, wallpaper, colors, and so on.  Prevent users from using Control Panel.  Control the computer settings.  Configure DNS client settings.  Configure the time server client computers use.  Distribute software.  Force software installation.  Allow for easy optional software installation through Add/Remove Programs.

3 Chapter 7: INTRODUCTION TO GROUP POLICY3 POLICY SETTINGS  Registry-based  Software installations and repairs  Folder redirection and offline storage  Disk quotas  Scripts  Remote Installation Services  Internet Explorer configuration  Security  Registry-based  Software installations and repairs  Folder redirection and offline storage  Disk quotas  Scripts  Remote Installation Services  Internet Explorer configuration  Security

4 Chapter 7: INTRODUCTION TO GROUP POLICY4 LATENT APPLICATIONS OF GROUP POLICY  Term describes a group of policies.  Policies are not applied directly to groups.  Policies can be linked to:  Sites  Domains  OUs  Term describes a group of policies.  Policies are not applied directly to groups.  Policies can be linked to:  Sites  Domains  OUs

5 Chapter 7: INTRODUCTION TO GROUP POLICY5 GROUP POLICY BENEFITS  User benefits  Access to files either offline or online.  Consistent environment.  Files are centrally backed up.  Administrator benefits  Centralized management of computer and user settings.  Centralized application distribution.  Centralized backup.  Centralized security enforcement.  User benefits  Access to files either offline or online.  Consistent environment.  Files are centrally backed up.  Administrator benefits  Centralized management of computer and user settings.  Centralized application distribution.  Centralized backup.  Centralized security enforcement.

6 Chapter 7: INTRODUCTION TO GROUP POLICY6 UNDERSTANDING GROUP POLICY OBJECTS (GPOs)  Local GPO  Gpedit.msc (Local Computer Policy)  Local Security Policy  Non-Local Group Policy Objects  Stored in Sysvol  Linked to sites, domains, or OUs  Local GPO  Gpedit.msc (Local Computer Policy)  Local Security Policy  Non-Local Group Policy Objects  Stored in Sysvol  Linked to sites, domains, or OUs

7 Chapter 7: INTRODUCTION TO GROUP POLICY7 LOCAL GROUP POLICY

8 Chapter 7: INTRODUCTION TO GROUP POLICY8 GROUP POLICY CONTAINER OBJECT

9 Chapter 7: INTRODUCTION TO GROUP POLICY9 GROUP POLICY TEMPLATE (GPT)

10 Chapter 7: INTRODUCTION TO GROUP POLICY10 GPT STRUCTURE AND GPT.INI

11 Chapter 7: INTRODUCTION TO GROUP POLICY11 GROUP POLICY OBJECT EDITOR FOR DOMAINS AND OUS

12 Chapter 7: INTRODUCTION TO GROUP POLICY12 GROUP POLICY OBJECT EDITOR FOR SITES

13 Chapter 7: INTRODUCTION TO GROUP POLICY13 GROUP POLICY SETTINGS

14 Chapter 7: INTRODUCTION TO GROUP POLICY14 SOFTWARE SETTINGS

15 Chapter 7: INTRODUCTION TO GROUP POLICY15 WINDOWS SETTINGS

16 Chapter 7: INTRODUCTION TO GROUP POLICY16 ADMINISTRATIVE TEMPLATES

17 Chapter 7: INTRODUCTION TO GROUP POLICY17 ADMINISTRATIVE TEMPLATE SETTING OPTIONS

18 Chapter 7: INTRODUCTION TO GROUP POLICY18 GROUP POLICIES AND THE ACTIVE DIRECTORY STRUCTURE  Linked to site—Affects all users and computers in the site to which the policy is linked, regardless of domain membership  Linked to domain—Affects all users and computers in the domain to which the policy is linked  Linked to OU—Affects all users and computers in the OU to which the policy is linked  Linked to site—Affects all users and computers in the site to which the policy is linked, regardless of domain membership  Linked to domain—Affects all users and computers in the domain to which the policy is linked  Linked to OU—Affects all users and computers in the OU to which the policy is linked

19 Chapter 7: INTRODUCTION TO GROUP POLICY19 HOW GROUP POLICIES ARE PROCESSED  Local-Site-Domain-OU (LSDOU) order.  Different settings are merged.  If there is a conflict on a particular setting:  By default, the last policy applied wins.  Exceptions: No Override, Block Policy Inheritance, and User Group Policy loopback processing mode.  Local-Site-Domain-OU (LSDOU) order.  Different settings are merged.  If there is a conflict on a particular setting:  By default, the last policy applied wins.  Exceptions: No Override, Block Policy Inheritance, and User Group Policy loopback processing mode.

20 Chapter 7: INTRODUCTION TO GROUP POLICY20 SCHOOL OF FINE ART AND GROUP POLICY APPLICATION

21 Chapter 7: INTRODUCTION TO GROUP POLICY21 MULTIPLE POLICIES LINKED TO A CONTAINER

22 Chapter 7: INTRODUCTION TO GROUP POLICY22 GROUP POLICY PROCESSING AT STARTUP AND LOGON  During computer startup, a list of GPOs for the computer is obtained.  Computer settings are applied during startup.  Startup scripts are run.  Windows Logon prompt appears when step 3 completes.  Upon successful validation of user, the user profile loads.  A list of GPOs for the user is obtained.  Logon scripts are run.  The user interface appears.  During computer startup, a list of GPOs for the computer is obtained.  Computer settings are applied during startup.  Startup scripts are run.  Windows Logon prompt appears when step 3 completes.  Upon successful validation of user, the user profile loads.  A list of GPOs for the user is obtained.  Logon scripts are run.  The user interface appears.

23 Chapter 7: INTRODUCTION TO GROUP POLICY23 NO OVERRIDE  Ensures policy is applied, regardless of priority, hierarchy, inheritance blocking, or conflicting settings  Configured on a per-policy basis  Ensures policy is applied, regardless of priority, hierarchy, inheritance blocking, or conflicting settings  Configured on a per-policy basis

24 Chapter 7: INTRODUCTION TO GROUP POLICY24 BLOCK POLICY INHERITANCE  Prevents policies from being inherited from higher levels in the Active Directory hierarchy  Can be used at the Domain or OU level only—not per policy  Cannot stop a policy marked as No Override  Prevents policies from being inherited from higher levels in the Active Directory hierarchy  Can be used at the Domain or OU level only—not per policy  Cannot stop a policy marked as No Override

25 Chapter 7: INTRODUCTION TO GROUP POLICY25 USER GROUP POLICY LOOPBACK PROCESSING MODE  Maintains a specified user environment, no matter which user logs on  Allows a computer account to apply User Settings last  In merge mode, any conflicting settings are won by the loopback-enabled Group Policy.  In replace mode, all user settings are set to whatever is configured in the loopback-enabled Group Policy.  Maintains a specified user environment, no matter which user logs on  Allows a computer account to apply User Settings last  In merge mode, any conflicting settings are won by the loopback-enabled Group Policy.  In replace mode, all user settings are set to whatever is configured in the loopback-enabled Group Policy.

26 Chapter 7: INTRODUCTION TO GROUP POLICY26 SUMMARY  Group Policy is used to control both User settings and Computer settings.  GPOs can be linked to sites, domains, and OUs.  GPOs have two parts: GPC and GPT.  Default GPOs.  Default Domain Policy  Default Domain Controllers Policy  Processing Order: L-S-D-OU.  Exceptions: Block Policy Inheritance, No Override, and loopback.  Group Policy is used to control both User settings and Computer settings.  GPOs can be linked to sites, domains, and OUs.  GPOs have two parts: GPC and GPT.  Default GPOs.  Default Domain Policy  Default Domain Controllers Policy  Processing Order: L-S-D-OU.  Exceptions: Block Policy Inheritance, No Override, and loopback.

Download ppt "11 INTRODUCTION TO GROUP POLICY Chapter 7. Chapter 7: INTRODUCTION TO GROUP POLICY2 WHAT CAN YOU DO WITH GROUP POLICY?  Control the user environment."

Similar presentations

Understanding Group Policy on Windows Server 2003.

Understanding Group Policy on Windows Server 2003.
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
Chapter 8 Configuring Group Policies

Chapter 8 Configuring Group Policies
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
11.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

11.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
MIS 431 - Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Lesson 16: Creating Group Policy Objects

Lesson 16: Creating Group Policy Objects
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
(ITI310) By Eng. BASSEM ALSAID SESSIONS 9-10-11 2008.

(ITI310) By Eng. BASSEM ALSAID SESSIONS
Understanding Group Policy on Windows Server 2003 John Howard, IT Pro Evangelist, Microsoft UK

Understanding Group Policy on Windows Server 2003 John Howard, IT Pro Evangelist, Microsoft UK
9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure.

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
GROUP POLICY An overview of Microsoft Windows Group Policy.

GROUP POLICY An overview of Microsoft Windows Group Policy.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.

Similar presentations

Ads by Google