MOAC294_Chapter07

Chapter 7: INTRODUCTION TO GROUP POLICY

WHAT CAN YOU DO WITH GROUP POLICY?
• Control the user environment.
  - Manipulate Start menu options, wallpaper, colors, and so on.
  - Prevent users from using Control Panel.
• Control the computer settings.
  - Configure DNS client settings.
  - Configure the time server client computers use.
• Distribute software.
  - Force software installation.
  - Allow for easy optional software installation through Add/Remove Programs.

POLICY SETTINGS
• Registry-based
• Software installations and repairs
• Folder redirection and offline storage
• Disk quotas
• Scripts
• Remote Installation Services
• Internet Explorer configuration
• Security

LATENT APPLICATIONS OF GROUP POLICY
• Term describes a group of policies.
• Policies are not applied directly to groups.
• Policies can be linked to:
  - Sites
  - Domains
  - OUs

GROUP POLICY BENEFITS
• User benefits
  - Access to files either offline or online.
  - Consistent environment.
  - Files are centrally backed up.
• Administrator benefits
  - Centralized management of computer and user settings.
  - Centralized application distribution.
  - Centralized backup.
  - Centralized security enforcement.

UNDERSTANDING GROUP POLICY OBJECTS (GPOs)
• Local GPO
  - Gpedit.msc (Local Computer Policy)
  - Local Security Policy
• Non-Local Group Policy Objects
  - Stored in Sysvol
  - Linked to sites, domains, or OUs

[Figure slide: LOCAL GROUP POLICY]
[Figure slide: GROUP POLICY CONTAINER OBJECT]
[Figure slide: GROUP POLICY TEMPLATE (GPT)]
[Figure slide: GPT STRUCTURE AND GPT.INI]
[Figure slide: GROUP POLICY OBJECT EDITOR FOR DOMAINS AND OUS]
[Figure slide: GROUP POLICY OBJECT EDITOR FOR SITES]
[Figure slide: GROUP POLICY SETTINGS]
[Figure slide: SOFTWARE SETTINGS]
[Figure slide: WINDOWS SETTINGS]
[Figure slide: ADMINISTRATIVE TEMPLATES]
[Figure slide: ADMINISTRATIVE TEMPLATE SETTING OPTIONS]

GROUP POLICIES AND THE ACTIVE DIRECTORY STRUCTURE
• Linked to site: affects all users and computers in the site to which the policy is linked, regardless of domain membership
• Linked to domain: affects all users and computers in the domain to which the policy is linked
• Linked to OU: affects all users and computers in the OU to which the policy is linked

HOW GROUP POLICIES ARE PROCESSED
• Local-Site-Domain-OU (LSDOU) order.
• Different settings are merged.
• If there is a conflict on a particular setting:
  - By default, the last policy applied wins.
  - Exceptions: No Override, Block Policy Inheritance, and User Group Policy loopback processing mode.

[Figure slide: SCHOOL OF FINE ART AND GROUP POLICY APPLICATION]
[Figure slide: MULTIPLE POLICIES LINKED TO A CONTAINER]

GROUP POLICY PROCESSING AT STARTUP AND LOGON
1. During computer startup, a list of GPOs for the computer is obtained.
2. Computer settings are applied during startup.
3. Startup scripts are run.
4. Windows Logon prompt appears when step 3 completes.
5. Upon successful validation of user, the user profile loads.
6. A list of GPOs for the user is obtained.
7. Logon scripts are run.
8. The user interface appears.

NO OVERRIDE
• Ensures policy is applied, regardless of priority, hierarchy, inheritance blocking, or conflicting settings
• Configured on a per-policy basis

BLOCK POLICY INHERITANCE
• Prevents policies from being inherited from higher levels in the Active Directory hierarchy
• Can be used at the Domain or OU level only, not per policy
• Cannot stop a policy marked as No Override
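
The L-S-D-OU order, No Override and Block Policy Inheritance rules above can be modelled as a small resolver that reports which GPO supplies each effective setting. This is an added example, not part of the original slides. The class names, GPO names and setting keys are hypothetical, and it assumes that the local GPO is never blocked and that the higher-linked GPO wins when two No Override GPOs conflict, neither of which the slides state.

```python
from dataclasses import dataclass, field

@dataclass
class Link:                      # one GPO linked to a container (hypothetical model)
    gpo: str
    settings: dict
    no_override: bool = False

@dataclass
class Container:                 # Local, site, domain or OU, listed in L-S-D-OU order
    name: str
    links: list = field(default_factory=list)   # in the order they are applied
    block_inheritance: bool = False
    local: bool = False          # assumption: blocking never removes the local GPO

def resolve(path):
    """Return {setting: (value, winning GPO)} for an object in the last container."""
    # The lowest container that blocks inheritance cuts off everything above it.
    barrier = max((i for i, c in enumerate(path) if c.block_inheritance), default=0)
    normal, forced = [], []
    for i, c in enumerate(path):
        # No Override links ignore the barrier; higher levels are queued later.
        forced.insert(0, [lk for lk in c.links if lk.no_override])
        if i >= barrier or c.local:
            normal += [lk for lk in c.links if not lk.no_override]
    result = {}
    # Last applied wins, so No Override links go after all normal ones and the
    # highest container's No Override link is applied last of all.
    for link in normal + [lk for level in forced for lk in level]:
        for key, value in link.settings.items():
            result[key] = (value, link.gpo)
    return result

# Constructed sample data: GPO names and setting keys are illustrative only.
PATH = [
    Container("Local", [Link("Local GPO", {"wallpaper": "local.bmp"})], local=True),
    Container("Site", [Link("Site GPO", {"time_server": "ts.example"})]),
    Container("Domain", [
        Link("Domain Baseline", {"wallpaper": "corp.bmp"}),
        Link("Domain Security", {"control_panel": "blocked"}, no_override=True)]),
    Container("OU Labs", [
        Link("Labs GPO", {"control_panel": "allowed", "wallpaper": "labs.bmp"})],
        block_inheritance=True),
]

if __name__ == "__main__":
    for setting, (value, gpo) in sorted(resolve(PATH).items()):
        print(f"{setting:15} {value:12} from {gpo}")
```

With inheritance blocked at the OU, the site's time server setting and the domain baseline wallpaper drop out, while the No Override control panel restriction from the domain still wins over the OU's own GPO.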
USER GROUP POLICY LOOPBACK PROCESSING MODE
• Maintains a specified user environment, no matter which user logs on
• Allows a computer account to apply User Settings last
  - In merge mode, the loopback-enabled Group Policy wins any conflicting settings.
  - In replace mode, all user settings are set to whatever is configured in the loopback-enabled Group Policy.

SUMMARY
• Group Policy is used to control both User settings and Computer settings.
• GPOs can be linked to sites, domains, and OUs.
• GPOs have two parts: GPC and GPT.
• Default GPOs.
  - Default Domain Policy
  - Default Domain Controllers Policy
• Processing Order: L-S-D-OU.
• Exceptions: Block Policy Inheritance, No Override, and loopback.