1 / 41

Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy

Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy. Overview. The capabilities of group policies. Manage security using group policies. Manage users’ environment using group policies. Manage group policy implementation and interaction.

Download Presentation

Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy

  2. Overview • The capabilities of group policies. • Manage security using group policies. • Manage users’ environment using group policies. • Manage group policy implementation and interaction.

  3. The Capabilities of Group Policies • Group policy tools. • Group policy settings categories.

  4. Group Policy Tools Group Policy Object Editor (GPOE): • Is the most commonly used tool for working with the Group Policy Objects (GPOs). • Is a snap-in for the Microsoft Management Console (MMC).

  5. Group Policy Tools There are several methods of accessing the GPOE: • Through the properties of the scope of management (SOM) to which the GPO is linked. • By creating a new GPOE console.

  6. Group Policy Tools The Group Policy tab of the Domain Properties dialog box

  7. Group Policy Tools The Group Policy Object Editor Console

  8. Group Policy Tools Group Policy Management Console (GPMC): • Is the newest tool for working with GPOs. • Provides a single, unified interface for managing all aspects of all existing group policies within the domain. • Provides tools for analyzing and controlling the interaction of multiple policies.

  9. Group Policy Tools The Group Policy Management Console

  10. Group Policy Settings Categories • Computer configuration settings. • User configuration settings.

  11. Group Policy Settings Categories The computer and the user configuration settings are subdivided into the following categories: • Software settings • Windows settings • Administrative templates

  12. Software Settings Software Settings in the Group Policy Object Editor

  13. Windows Settings • The computer and the user configuration Windows settings are used to configure startup and shutdown scripts. • The user configuration Windows settings provide fewer security settings than those available under computer configuration.

  14. Administrative Templates The administrative templates settings for computer and user configuration can be used to: • Change the desktop. • Modify the logon procedure. • Remove items from the Start menu or the Control Panel.

  15. Manage Security Using Group Policies • Security settings. • Software restriction policies.

  16. Security Settings Account policies include: • Password policies • Kerberos policies • Account lockout policies

  17. Security Settings Password Policies and Their Default Domain Policy Settings

  18. Security Settings Kerberos policies: • Kerberos policies rarely need to be modified. • Kerberos security authenticates user accounts when users log on. • It also allows them to request services from the server without further authentication.

  19. Security Settings Account Lockout policies and Their Default Domain Policy Settings

  20. Software Restriction Policies Software restriction policies: • Are one of the new features of Windows Server 2003. • Help to block executing specific programs in a directory.

  21. Software Restriction Policies The GPO Console

  22. Software Restriction Policies Defining the Policy

  23. Software Restriction Policies Account Lockout Threshold Properties

  24. Software Restriction Policies Software Restriction Policies

  25. Software Restriction Policies New Path Rule

  26. Manage Users’ Environment Using Group Policy Policy Settings Breakdown for the Group Policy Administrative Templates

  27. Manage Users’ Environment Using Group Policy Administrative Templates First-Level Categories and Where They Are Found

  28. Manage Users’ EnvironmentUsing Group Policy The administrative templates settings can be used: • When the taskbar needs to be locked. • When an appropriate wallpaper needs to be used. • When access to Control Panel needs to be restricted.

  29. Manage Users’ Environment Using Group Policy Preventing Changes to Taskbar and Start Menu Settings

  30. Manage Users’ Environment Using Group Policy Setting Active Desktop Wallpaper

  31. Manage Users’ Environment Using Group Policy Restrict Access to the Control Panel

  32. Manage Group Policy Implementation and Interaction • Applying group policy. • Analyzing group policy interactions.

  33. Applying Group Policy • Group Policy Object Options. • Group Policy Object Properties.

  34. Group Policy Object Options The options in the Group Policy Object Options dialog box are: • No Override – Prevents any other settings from taking a higher priority. • Disabled – Does not allow the settings to be applied, if a GPO link is disabled.

  35. Group Policy Object Options The Group Policy Object Options dialog box

  36. Group Policy Object Properties The various tabs of the Properties dialog box for a GPO link are: • General – Allows users to disable the computer and/or the used configuration settings. • Links – Offers a Find Now button that searches and displays the sites, domains, and OUs to which the GPO is linked.

  37. Analyzing Group Policy Interactions Resultant Set of Policy (RSoP): • Is a group policy tool. • Analyzes all the policies that apply in a particular situation. • Reports the resultant policy.

  38. Analyzing Group Policy Interactions RSoP can be run in one of the following modes: • Planning • Logging

  39. Summary • The various tools for working with the group policy objects (GPOs) are the Group Policy Object Editor (GPOE) and the Group Policy Management Console (GPMC). • The GPO settings are divided into the user and the computer configuration settings. • The user and the computer configuration settings are further divided into software settings, Windows settings, and administrative templates.

  40. Summary • The most commonly used security settings are the account policies. • Account policies include password, account lockout, and Kerberos policies. • Software restriction policies help to block executing specific programs in an entire directory.

  41. Summary • The five administrative templates files are System.adm, Inetres.adm, conf.adm, Wuau.adm, and Wmplayer.adm. • Resultant Set of Policy (RSoP) is a tool for analyzing the effect of all applicable policies on a particular domain, site, OU, computer, or user.

More Related