1 / 36

Using Group Policy

Using Group Policy. Lesson 4. Skills Matrix. Skills Matrix. Skills Matrix. Understanding Group Policy. Group Policy is the collective set of policy settings for users, computers, and other entities within Active Directory as applied through Group Policy objects.

sblanco
Download Presentation

Using Group Policy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Using Group Policy Lesson 4

  2. Skills Matrix

  3. Skills Matrix

  4. Skills Matrix

  5. Understanding Group Policy • Group Policy is the collective set of policy settings for users, computers, and other entities within Active Directory as applied through Group Policy objects. • Group Policy objects (GPOs) are collections of settings that are applied through Active Directory. Understanding Group Policy

  6. Understanding Group Policy Objects • Administrators LGPO – Settings in this LGPO are applied when an administrator logs on. • Non-Administrators LGPO – Settings in this LGPO are applied when a non-administrator logs on. • User-specific LGPOs – Each Windows Vista installation can have as many of these as there are local users. Understanding Group Policy

  7. Understanding Group Policy Objects (cont.) • Local Group Policy objects are applied in the following order: • Administrators LGPO • Non-Administrators LGPO • User-specific LGPOs Understanding Group Policy

  8. Understanding Group Policy Objects (cont.) • Active Directory Group Policy objects are applied in the following order: • GPOs linked to sites • GPOs linked to domains • GPOs linked to organizational units (OUs) Understanding Group Policy

  9. Understanding Group Policy Objects (cont.) • GPO application order and scope can also be affected by the following: • Filtering by using security groups • Windows Management Instrumentation filters (WMI filters) • Blocking Group Policy inheritance Understanding Group Policy

  10. Understanding Group Policy Objects (cont.) • GPO application order and scope can also be affected by the following: • Enforcing a GPO link • Disabling a GPO link Understanding Group Policy

  11. What’s New in Group Policy for Windows Vista • In previous versions of Windows, there was only one LGPO per Windows installation. This made it difficult to administer non-domain attached computers, such as kiosk computers. • Windows Vista introduces more than 700 new Group Policy settings and has expanded other settings. Understanding Group Policy

  12. Editing a GPO • You can use the Group Policy Object Editor to edit the policy settings in a GPO. • In the Start Search text box, type gpmc.msc, and then press Ctrl + Shift + Enter. A User Account Control dialog box appears. • Provide administrator credentials, and then click OK. The Group Policy Management console appears. Configuring Group Policy

  13. Editing a GPO (cont.) • In the console tree, expand Forest: Forest Name > Domains > Domain Name > Group Policy Objects. • Right-click the Group Policy object that you want to edit, and then click Edit. The Group Policy Object Editor appears with the selected GPO loaded. Configuring Group Policy

  14. Creating a GPO • Open the Group Policy Management console. • In the console tree of the Group Policy Management console, expand Forest: ForestName > Domains > DomainName. • Right-click Group Policy Objects, and then click New. The New GPO dialog box appears. Configuring Group Policy

  15. Configuring Group Policy Creating a GPO (cont.) In the Name text box, type a name for the GPO and then click OK. The new GPO will appear in the console tree under the Group Policy Objects node.

  16. Linking a GPO • GPOs can link to sites, domains, and OUs. • Open the Group Policy Management console. • In the console tree of the Group Policy Management console, right-click the site, domain, or OU to which you want to link a GPO, and then click Link and Existing GPO. The Select GPO dialog box appears. Configuring Group Policy

  17. Configuring Group Policy Linking a GPO (cont.) In the Group Policy Objects list box, select the GPO that you want to link, and then click OK.

  18. Changing GPO Link Order • GPOs are applied according to the link order. Open the Group Policy Management console. • In the console tree of the Group Policy Management console, select the site, domain, or OU for which you want to change the GPO link order. • In the details pane, select the link that you want to move in the list, and use the arrow buttons on the left to move the link up or down. Configuring Group Policy

  19. Turning Off Local Group Policy • You can turn off local Group Policy through a setting in an Active Directory GPO. • Open the Group Policy Management console. • In the Group Policy Object Editor, expand Computer Configuration > Administrative Templates > System > Group Policy. Configuring Group Policy

  20. Configuring Group Policy Turning Off Local Group Policy (cont.) In the details pane, right-click Turn off Local Group Policy objects processing, and then click Properties. Select Enabled, and then click OK.

  21. Editing Local Group Policy Objects Selecting the Non-Administrators LGPO in the Browse for a Group Policy Object dialog box Configuring Group Policy

  22. Using Gpupdate • Gpupdate is a command-line tool used to update Group Policy settings on Active Directory objects before the normal update process takes place. • gpupdate [/target:{computer|user}] [/force] [/wait:value] [/logoff] [/boot] Configuring Group Policy

  23. Using the Group Policy Modeling Wizard • Group Policy Modeling – Simulates and reports on what Group Policy will be for selected configurations of users, computers, containers, security groups, and Windows Management Instrumentation (WMI) filters. Creating and Understanding Group Policy Modeling and Results Reports

  24. Using the Group Policy Modeling Wizard (cont.) Selecting a domain controller in the Group Policy Modeling Wizard Creating and Understanding Group Policy Modeling and Results Reports

  25. Using the Group Policy Modeling Wizard (cont.) Selecting a container in the Choose User Container dialog box Creating and Understanding Group Policy Modeling and Results Reports

  26. Using the Group Policy Modeling Wizard (cont.) Summary of Selections page of the Group Policy Modeling Wizard Creating and Understanding Group Policy Modeling and Results Reports

  27. Understanding Group Policy Modeling Reports • Group Policy Modeling reports – Contain all of the information you need to understand how a particular Group Policy scheme will work. Creating and Understanding Group Policy Modeling and Results Reports

  28. Understanding Group Policy Modeling Reports (cont.) Summary tab summarizes the information gathered during the modeling process. Creating and Understanding Group Policy Modeling and Results Reports

  29. Understanding Group Policy Modeling Reports (cont.) Settings tab contains the most pertinent information. Creating and Understanding Group Policy Modeling and Results Reports

  30. Creating and Understanding Group Policy Modeling and Results Reports Viewing Group Policy Modeling Data in the RSoP Snap-in In the Group Policy Management console, expand Forest: ForestName > Group Policy Modeling. Right-click the Group Policy Modeling query for which you want to view RSoP data, and then click Advanced View. Close the Resultant Set of Policy console when you have finished.

  31. Using the Group Policy Results Wizard Summary of Selections page for the Group Policy Results Wizard. Creating and Understanding Group Policy Modeling and Results Reports

  32. Understanding Group Policy Results Reports • Group Policy Results reports contain all of the information you need to understand the Group Policy settings that are applied to a particular user on a particular computer. Creating and Understanding Group Policy Modeling and Results Reports

  33. You Learned • Group Policy can be used to configure settings for groups of users and computers and other Active Directory objects. • Group Policy objects are collections of Group Policy settings and are the mechanism by which administrators configure Group Policy. • Group Policy in Windows Vista includes more than 700 new settings, as well as an expansion of some existing settings. Summary

  34. You Learned (cont.) • You configure Group Policy by using the Group Policy Object Editor to edit GPOs and by using the Group Policy Management console to arrange the GPOs within Active Directory. • You learned how to create, edit, and link GPOs. • You learned how to change GPO link order. • You learned how to turn off local Group Policy. Summary

  35. You Learned (cont.) • You learned how to edit LGPOs. • You learned how to use gpupdate to reapply all Group Policy settings. • Group Policy Modeling and Group Policy Results reports enable you to model Group Policy through simulation and determine actual Group Policy. These are essential tools in both testing Group Policy settings before rolling them out and in troubleshooting Group Policy issues. Summary

  36. You Learned (cont.) • The Group Policy Modeling Wizard enables you to model Group Policy before rolling it out to either a production or a test environment. • You learned how to use the Group Policy Modeling Wizard. • You learned how to view Group Policy Modeling data in the RSoP Snap-in. • You learned how to use the Group Policy Results Wizard. Summary

More Related