1 / 26

INTRODUCTION TO GROUP POLICY

Chapter 7. INTRODUCTION TO GROUP POLICY. WHAT CAN YOU DO WITH GROUP POLICY?. Control the user environment. Manipulate Start menu options, wallpaper, colors, and so on. Prevent users from using Control Panel. Control the computer settings. Configure DNS client settings.

audra
Download Presentation

INTRODUCTION TO GROUP POLICY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 7 INTRODUCTION TO GROUP POLICY

  2. Chapter 7: INTRODUCTION TO GROUP POLICY WHAT CAN YOU DO WITH GROUP POLICY? • Control the user environment. • Manipulate Start menu options, wallpaper, colors, and so on. • Prevent users from using Control Panel. • Control the computer settings. • Configure DNS client settings. • Configure the time server client computers use. • Distribute software. • Force software installation. • Allow for easy optional software installation through Add/Remove Programs.

  3. Chapter 7: INTRODUCTION TO GROUP POLICY POLICY SETTINGS • Registry-based • Software installations and repairs • Folder redirection and offline storage • Disk quotas • Scripts • Remote Installation Services • Internet Explorer configuration • Security

  4. Chapter 7: INTRODUCTION TO GROUP POLICY LATENT APPLICATIONS OF GROUP POLICY • Term describes a group of policies. • Policies are not applied directly to groups. • Policies can be linked to: • Sites • Domains • OUs

  5. Chapter 7: INTRODUCTION TO GROUP POLICY GROUP POLICY BENEFITS • User benefits • Access to files either offline or online. • Consistent environment. • Files are centrally backed up. • Administrator benefits • Centralized management of computer and user settings. • Centralized application distribution. • Centralized backup. • Centralized security enforcement.

  6. Chapter 7: INTRODUCTION TO GROUP POLICY UNDERSTANDING GROUP POLICY OBJECTS (GPOs) • Local GPO • Gpedit.msc (Local Computer Policy) • Local Security Policy • Non-Local Group Policy Objects • Stored in Sysvol • Linked to sites, domains, or OUs

  7. Chapter 7: INTRODUCTION TO GROUP POLICY LOCAL GROUP POLICY

  8. Chapter 7: INTRODUCTION TO GROUP POLICY GROUP POLICY CONTAINER OBJECT

  9. Chapter 7: INTRODUCTION TO GROUP POLICY GROUP POLICY TEMPLATE (GPT)

  10. Chapter 7: INTRODUCTION TO GROUP POLICY GPT STRUCTURE AND GPT.INI

  11. Chapter 7: INTRODUCTION TO GROUP POLICY GROUP POLICY OBJECT EDITOR FOR DOMAINS AND OUS

  12. Chapter 7: INTRODUCTION TO GROUP POLICY GROUP POLICY OBJECT EDITOR FOR SITES

  13. Chapter 7: INTRODUCTION TO GROUP POLICY GROUP POLICY SETTINGS

  14. Chapter 7: INTRODUCTION TO GROUP POLICY SOFTWARE SETTINGS

  15. Chapter 7: INTRODUCTION TO GROUP POLICY WINDOWS SETTINGS

  16. Chapter 7: INTRODUCTION TO GROUP POLICY ADMINISTRATIVE TEMPLATES

  17. Chapter 7: INTRODUCTION TO GROUP POLICY ADMINISTRATIVE TEMPLATE SETTING OPTIONS

  18. Chapter 7: INTRODUCTION TO GROUP POLICY GROUP POLICIES AND THE ACTIVE DIRECTORY STRUCTURE • Linked to site—Affects all users and computers in the site to which the policy is linked, regardless of domain membership • Linked to domain—Affects all users and computers in the domain to which the policy is linked • Linked to OU—Affects all users and computers in the OU to which the policy is linked

  19. Chapter 7: INTRODUCTION TO GROUP POLICY HOW GROUP POLICIES ARE PROCESSED • Local-Site-Domain-OU (LSDOU) order. • Different settings are merged. • If there is a conflict on a particular setting: • By default, the last policy applied wins. • Exceptions: No Override, Block Policy Inheritance, and User Group Policy loopback processing mode.

  20. Chapter 7: INTRODUCTION TO GROUP POLICY SCHOOL OF FINE ART AND GROUP POLICY APPLICATION

  21. Chapter 7: INTRODUCTION TO GROUP POLICY MULTIPLE POLICIES LINKED TO A CONTAINER

  22. Chapter 7: INTRODUCTION TO GROUP POLICY GROUP POLICY PROCESSING AT STARTUP AND LOGON • During computer startup, a list of GPOs for the computer is obtained. • Computer settings are applied during startup. • Startup scripts are run. • Windows Logon prompt appears when step 3 completes. • Upon successful validation of user, the user profile loads. • A list of GPOs for the user is obtained. • Logon scripts are run. • The user interface appears.

  23. Chapter 7: INTRODUCTION TO GROUP POLICY NO OVERRIDE • Ensures policy is applied, regardless of priority, hierarchy, inheritance blocking, or conflicting settings • Configured on a per-policy basis

  24. Chapter 7: INTRODUCTION TO GROUP POLICY BLOCK POLICY INHERITANCE • Prevents policies from being inherited from higher levels in the Active Directory hierarchy • Can be used at the Domain or OU level only—not per policy • Cannot stop a policy marked as No Override

  25. Chapter 7: INTRODUCTION TO GROUP POLICY USER GROUP POLICY LOOPBACK PROCESSING MODE • Maintains a specified user environment, no matter which user logs on • Allows a computer account to apply User Settings last • In merge mode, any conflicting settings are won by the loopback-enabled Group Policy. • In replace mode, all user settings are set to whatever is configured in the loopback-enabled Group Policy.

  26. Chapter 7: INTRODUCTION TO GROUP POLICY SUMMARY • Group Policy is used to control both User settings and Computer settings. • GPOs can be linked to sites, domains, and OUs. • GPOs have two parts: GPC and GPT. • Default GPOs. • Default Domain Policy • Default Domain Controllers Policy • Processing Order: L-S-D-OU. • Exceptions: Block Policy Inheritance, No Override, and loopback.

More Related