Presentation is loading. Please wait.

Presentation is loading. Please wait.

10.1 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure.

Published byAlberta Green Modified over 8 years ago

Similar presentations

Presentation on theme: "10.1 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure."— Presentation transcript:

1 10.1 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Goals   Configure group policy object properties   Modify the order of group policy objects   Filter the scope of a group policy object   Link group policy objects   Delink and delete group policy objects

2 10.2 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Setting Group Policy Object Properties   Group Policies define a user’s desktop environment by managing its various components  Group Policy settings alter the User configuration and Computer configuration settings, which affect the administration of users as well as computers  Policies restrict, allow, or modify functionality of certain components of the operating system (Skill 1)

3 10.3 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Setting Group Policy Object Properties (2)   Group Policy Objects (GPOs)  GPOs are the most basic units of Group Policies  GPOs apply the stored settings on the Active Directory objects contained in sites, domains, or organizational units (OUs)   To customize a GPO, locate the GPO in a container, select it, and click Edit to open its Group Policy snap-in (Skill 1)

4 10.4 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 1) Figure 10-1 Setting Group Policy Object Properties

5 10.5 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 1) Figure 10-2 Setting changed to Enabled

6 10.6 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Modifying the Order of Group Policy Objects   The order in which Group Policy settings actually apply to a user or computer depends on the order of prioritization of GPOs   By default, GPOs are processed (mostly) in accordance with the Active Directory hierarchy – LSDOU  Local  Site  Domain  Organizational Unit (OU) (Skill 2)

7 10.7 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Modifying the Order of Group Policy Objects (2)   You can use No Override to give preference to policies at each level (except local)   You can use Block Policy inheritance to block the application of all policies applied at higher levels for a specific container   Local policies have no prioritization options as they are always overwritten when a conflict occurs (Skill 2)

8 10.8 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 2) Figure 10-3 Changing the order of GPOs

9 10.9 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Filtering the Scope of a Group Policy Object   You may need to apply a certain GPO to specific users or computers in a group   To filter the scope of a GPO, you use the Windows 2000 security groups   Security groups enable you to assign permissions and control the groups affected by a particular GPO (Skill 3)

10 10.10 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Filtering the Scope of a Group Policy Object (2) Permissions   When filtering, only two of a GPO’s permissions are applicable: Read and Apply Group Policy  You need to assign the Read and Apply Group Policy permissions to users and computers for a particular GPO on which the Group Policy needs to be applied  By default, the Authenticated Users group has both of these permissions for all GPOs   You can specify that a policy should not apply to a specific group by setting its Apply Group Policy permission to Deny (Skill 3)

11 10.11 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 10-4 Setting permissions for the security groups (Skill 3)

12 10.12 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Linking Group Policy Objects   Before you set the scope of a GPO for targeted users and computers, you should apply the GPO to a site, domain, or OU by linking it to that object   By default, a GPO is linked to the container in which it was created   To increase the scope of the GPO, you might want to link it to additional sites, domains, or OUs   To link a GPO to an additional container, use the Group Policy tab in the Properties dialog box for that container (Skill 4)

13 10.13 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 10-5 Adding a GPO to an additional container (Skill 4)

14 10.14 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 10-6 Selecting the desired GPO (Skill 4)

15 10.15 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Delinking and Deleting Group Policy Objects   Reasons for modifying GPOs  A need to temporarily link a GPO to additional containers  Certain policies no longer apply to a GPO   Guidelines for modifying a GPO  If there is more than one GPO link associated with the object, remove only the GPO link to that object  If the GPO is associated with a single object, you could delete the GPO  Use caution when deleting a GPO as it is removed from Active Directory permanently  If more than one GPO link is associated with the object, do not delete the GPO (Skill 5)

16 10.16 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 10-7 Delinking or deleting a GPO (Skill 5)

17 10.17 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 10-8 Removing a Group Policy Object link (Skill 5)

Download ppt "10.1 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure."

Similar presentations

Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
Chapter 8 Configuring Group Policies

Chapter 8 Configuring Group Policies
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
7.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

7.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
15.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

15.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
11.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

11.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
MIS 431 - Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Administering Active Directory

Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Lesson 16: Creating Group Policy Objects

Lesson 16: Creating Group Policy Objects
Lesson 18: Configuring Application Restriction Policies

Lesson 18: Configuring Application Restriction Policies
5.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

Similar presentations

Ads by Google