Group Policy Presentation

Group Policy Presentation
This document is classified as Public .
Presentation Plan
Summary:

Overview of Group Policies. Configuring the Scope of Group Policies Objects. Evaluating the Application of Group Policies Objects. Managing Group Policies Objects. Delegating Administrative Control of Group Policies
9 aot 2011 - Group Policy Objects - This document is classified as Public
Overview of Group Policy
Overview of Group Policies
Preview
Here are the different parts:

What Are Group Policies? Group Policy Settings How Group Policies Are Applied Group Policy Processing and Exceptions Group Policy Components What Are ADM and ADMX files?
What Are Group Policies? Group Policies enable IT administrators to automate one-to-many management of users and computers
Use Group Policies to : Apply standard configurations Deploy software Enforce security settings Enforce a consistent desktop environment
Local group policies are always in effect for local users and local computer settings..
Group Policy Settings Group Policy settings for users Software Settings Windows Settings Security Settings Desktop Settings Group Policy settings for computers Software Settings Windows Settings Security Settings Operating systems Settings
How Group Policies Are Applied
Computer starts
Refresh Interval
Every 90 minutes
Computer settings applied Startup scripts run
User logs on
Refresh Interval
Every 90 minutes
User settings applied Logon scripts run
Group Policy Processing and Exeptions Local Policy Machine/User Site Policy Machine/User Domain Policy Machine/User OUtop OUbottom Policy Machine/User 500 Kbps by default Certain client side extensions are not processed Prior to Vista, ICMP is used to detect a slow link Vista uses Network Location Awareness Windows XP and Vista use cached credential for faster logons Many GPO settings take two logons to take effect
Group Policy Processing
Slow Links
Cached Credential
Group Policy Container Group Policy Components Group Policy Object

Stored in Active Directory Provides version information Status information List of components
Group Policy Template Contains Group Policy settings Stores content in two locations
Stored in shared SYSVOL folder Provides Group Policy settings Supports both ADM and ADMX templates
What Are ADM and ADMX Files?
ADM files are: Copied into every GPO in SYSVOL Difficult to customize
ADMX files are: Language neutral Not stored in the GPO Extensible through XML
10
Configuring the Scope of Group Policy Objects
11
Preview

Group Policy Processing Order What Are Multiple Local Group Policies? Options for Modifying Group Policy Processing How Does Loopback Processing Work?
12
Group Policy Processing Order GPO1 Local Group Policy Site GPO3 GPO4 Domain GPO5
OU OU
GPO2
OU
9 aot 2011 - Group Policy Objects - This document is classified as Public 13
What are Multiple Local Group Policies?
One layer of computer configurations that applies to all users Layers apply only to individual users, not to groups There are three layers of user configurations: Administrator Non-Administrator User-specific
14
Options for Modifying Group Policy Processing Five methods to modify GPO default processing: Block inheritance Enforcement Filtering using security groups or WMI filters Disabling GPOs Loopback processing
15
How Does Loopback Processing Work?
16
Evaluating the Application of Group Policy Objects
17
Preview

What Is Group Policy Reporting? What Is Group Policy Modeling?
18
What Is Group Policy Reporting?
Group policy reporting is a method of planning and troubleshooting group policy
Group Policy results are provided by the GPMC GPResult is a command line utility
19
What Is Group Policy Modeling?
The Group Policy Modeling Wizard calculates the simulated net effect of GPOs
The Group Policy Modeling Wizard simulates: Site membership Security group membership WMI filters Slow links Loopback processing The effects of moving user or computer objects to a different Active Directory container
20
Managing Group Policy Objects
21
Preview

What Is a Copy Operation? What Is a Backup Operation? What Is a Restore Operation? What Is an Import Operation? What Is a Starter GPO? Migrating Group Policy Objects
22
What Is a Copy Operation?
DACL User 1 GPO1 Read Full Control User 1 GPO2
DACL Read Full Control
A copy of a GPO transfers only the settings within a GPO The new GPO is created unlinked
23
What Is a Backup Operation?
GPO1
GPO1 Backup of a GPO
In a backup operation, Group Policy Management export all data in the GPO to the selected file and saves the GPT files
24
What Is a Restore Operation?

GPO1
GPO1 Backed-up GPO
In a restore operation, the contents of the GPO are returned to exactly the same state
25
What Is an Import Operation?
GPO1 GPO Settings
GPO2
In an import operation, all GPO settings are copied from the source to the target GPO
26
What Is a Starter GPO?

Stores administrative template settings on which the new GPOs will be based Can be exported to .cab files Can be imported into other areas of the enterprise
Exported to CAB file Imported to GPMC
Starter GPO
CAB file
27
Load Cabinet file
Migrating Group Policy Objects

The ADMX Migrator utility : Can be used to convert custom ADM files to ADMX Is GUI based and can be downloaded from the Microsoft download site utility
28
Delegating Administrative Control of Group Policies
29
Delegating Administrative Control of Group Policies
Options for Delegating Control of GPOs

Methods to delegate control of GPOs
Membership in Group Policy Creator Owners group or explicit permission to create GPOs Assign Edit rights to individual policies Delegate the right to link GPOs to containers Delegate the right to use group policy reporting tools
Create GPOs in the domain
Edit or delete GPOs
Link GPOs to containers
Use reporting tools
X X X X X X
30
X X X
X X X
Do you have any questions ?
31

Group Policy Presentation

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Group Policy Presentation

Diunggah oleh

Hak Cipta:

Format Tersedia

Group Policy Presentation

This document is classified as Public .