1 / 9

Ch. 9 – Implement and Use Group Policy

Ch. 9 – Implement and Use Group Policy. MIS 431 – created Spring 2006. Introduction to Group Policies. Configure desktop settings using administrative templates Control security settings for users and computers

nassor
Download Presentation

Ch. 9 – Implement and Use Group Policy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006 MIS 431 - Chapter 9

  2. Introduction to Group Policies • Configure desktop settings using administrative templates • Control security settings for users and computers • Assign scripts to run when a user logs on or off or when a computer is started or shut down • Redirect folders, such as My Documents, out of a user’s local profile to a different network address • Automate software distribution and maintenance to computers throughout the network MIS 431 - Chapter 9

  3. Create a Group Policy Object • Two methods • Group Policy MMC - Activity 9-1 • Use group policy extension in AD Users and Computers - Activity 9-3 • Group Policy stand-alone in a new MMC • Start with an empty MMC: Start|Run|mmc • Add the standalone Group Policy Object Editor snap-in (File|Add snap-in) • Name it something like “Test Policy” • The activity suggests closing without saving MIS 431 - Chapter 9

  4. Using AD Users & Computers • Click + sign in front of your domain object • Create an Organization Unit to hold the group policy • Rt click, Properties • Select Group Policy tab, click Add • Select a policy, click Edit • Select the policy choices that you wish to set or restrict: example was to remove My Documents icon from Start menu. • Can examine other group policy settings MIS 431 - Chapter 9

  5. GPO Settings • Softwaresettings: centralizes the management of software installation and maintenance • Windows settings: deployment and oversight of scripts, security settings, IE settings, folder redirection, etc. • Administrative templates: sets registry-based settings to configure application and user desktop settings etc. MIS 431 - Chapter 9

  6. Application of Group Policy • Two main categories to a Group Policy • Computer configuration – affects computers within the OU to which the GPO is linked • User configuration – affects users in the OU • Why GP? • Can constrain users to not make certain changes to the desktop, limiting access to various areas of the OS, etc. • This is what we did in CB 403 lab: by “locking down” the desktop we prevented certain changes from user to user. MIS 431 - Chapter 9

  7. Remaining Topics • Lots of activities demonstrating how to set Group Policies in various areas • 9-5: User Desktop Settings • 9-6: Security Settings • 9-7: File System Security • 9-8: Assigning Logon Scripts to Users MIS 431 - Chapter 9

  8. Group Policy Inheritance • GPOs are applied in the following order • Local computer • Site • Domain • Parent OU • Child OU • All of the individual GPO settings are inherited by default • Can have more than one GPO per container at a level; applied in the order they appear • Be careful about the # of GPOs applied: performance MIS 431 - Chapter 9

  9. Blocking GPO Inheritance • Can block GP inheritance • Can configure No Override (always applied) • Can filter GPs using security permissions 9-11 MIS 431 - Chapter 9

More Related