1 / 32

Understanding Group Policy Part 3 of 3

Understanding Group Policy Part 3 of 3. Rick Claus IT Pro Advisor Microsoft Canada rick.claus@microsoft.com http://blogs.technet.com/rclaus. What Will We Cover?. Group Policy Management Advanced Group Policy Security Scripting Group Policy Group Policy Modeling. Agenda.

march
Download Presentation

Understanding Group Policy Part 3 of 3

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Understanding Group Policy Part 3 of 3 Rick Claus IT Pro Advisor Microsoft Canada rick.claus@microsoft.com http://blogs.technet.com/rclaus

  2. What Will We Cover? • Group Policy Management • Advanced Group Policy Security • Scripting Group Policy • Group Policy Modeling

  3. Agenda • Managing .ADM Files • Scripting Group Policy • Implementing Advanced Security • Using WMI Filters • Migrating GPOs across Domains • Using Advanced Group Policy Modeling

  4. Administrative Template Extension • Simple way to configure policy • Largest Group Policy extension • .ADM files enable user interface

  5. Using ADM Template Extensions Modify Group Policy 1 Stored on domain controller 2 Policy applied to client 3 Domain Controller SYSVOL Active Directory Database

  6. demonstration Demo Reviewing .ADM Files

  7. Custom ADM Templates Use to Do not use to • Increase security • Disable interface options • Disable confusing items • Control data • Configure all settings • Create unsupported policy

  8. Registry Policies HKEY_LOCAL_MACHINE\SOFTWARE\policies HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\policies HKEY_CURRENT_USER\SOFTWARE\policies HKEY_CURRENT_USER \SOFTWARE\Microsoft\Windows\CurrentVersion\policies

  9. demonstration Demo • Customizing .ADM Templates

  10. Agenda • Managing .ADM Files • Scripting Group Policy • Implementing Advanced Security • Using WMI Filters • Migrating GPOs across Domains • Using Advanced Group Policy Modeling

  11. Scripting Group Policy Backing up GPOs Creating a new GPO Sample Scripts Creating environment using XML Importing a GPO Listing disabled GPOs Listing GPO information GPMC COM Interfaces

  12. demonstration Demo • Scripting Group Policy • Using GPMC Scripts • Changing the Script Host Engine • Using Scripts to Back up GPOs

  13. Agenda • Managing .ADM Files • Scripting Group Policy • Implementing Advanced Security • Using WMI Filters • Migrating GPOs across Domains • Using Advanced Group Policy Modeling

  14. Exclude Accounts from Group Policy Domain Controller Administrator

  15. demonstration Demo • Configuring Group Policy ACLs • Protect Administrator from Group Policy

  16. Delegating Control of GPOs Delegate Domain Controller Delegate Administrator

  17. demonstration Demo • Delegating Administration • Delegating “create GPOs” to ITGroup • Delegating Sales User GPO

  18. Security Configuration and Analysis Does the hard work Enables quick review Ensures policies are enforced Allows local security configuration

  19. Security Configuration Wizard Security Configuration Wizard Administrator download.microsoft.com/download/f/7/1/f71adf6e-dbab-48a2-9a29-9e481110fd55/SCWQuickStartDoc.doc

  20. demonstration Demo • Applying Security Templates

  21. Agenda • Managing .ADM Files • Scripting Group Policy • Implementing Advanced Security • Using WMI Filters • Migrating GPOs across Domains • Using Advanced Group Policy Modeling

  22. WMI Filtering Windows XP Windows XP WMI Filter Domain Controller Windows 2000 XP Professional only

  23. demonstration Demo • Using WMI Filters • Creating WMI Filters • Applying WMI Filters • Modeling WMI Filters

  24. Agenda • Managing .ADM Files • Scripting Group Policy • Implementing Advanced Security • Using WMI Filters • Migrating GPOs across Domains • Using Advanced Group Policy Modeling

  25. Copying GPOs between Domains GPO Backup GPO Import GPO Copy uk.contoso.com us.contoso.com us.contoso.com us.fabrikam.com

  26. demonstration Demo • Migrating GPOs across Domains

  27. Agenda • Managing .ADM Files • Scripting Group Policy • Implementing Advanced Security • Using WMI Filters • Migrating GPOs across Domains • Using Advanced Group Policy Modeling

  28. Group Policy Modeling Overview • Group Policy Modeling Wizard • Group Policy Results Wizard • HTML Reports www.microsoft.com/technet/prodtechnol/windowsserver2003/library/DepKit/b8af2303-dac9-4fd5-9717-c3a7f553c627.mspx

  29. Loopback Processing • Changes GPO processing order • Process only computer settings • Merge user and computer settings

  30. demonstration Demo • Modeling GPO Loopback

  31. Session Summary • Manage and control your environment more easily • Enhance security in your environment • Group Policy Modeling predicts behavior of GPOs before implementing them

  32. For More Information Visit TechNet atwww.microsoft.ca/technet Rick Claus IT Pro Advisor Microsoft Canada rick.claus@microsoft.com http://blogs.technet.com/rclaus

More Related