Clyde G. Johnson.  Test Environment  Tools of the trade  Demo  Central Store  Show  Group Policy Spreadsheets  Demo  Planning and Deployment.

Slides:

Advertisements

Similar presentations

Auditing Microsoft Active Directory

Advertisements

Clyde G. Johnson.  Preference?  Overview  Targeting  Settings  Things to know  GPP Scenarios.

Microsoft Server 2008 R2 Group Policies & AD. Group Policies-Refresher  Policies are “all or nothing”  You cannot selectively choose within a policy.

NREL is a national laboratory of the U.S. Department of Energy Office of Energy Efficiency and Renewable Energy operated by the Alliance for Sustainable.

Understanding Group Policy on Windows Server 2003 Michael J. Murphy TechNet Presenter

Understanding Group Policy on Windows Server 2003.

Module 5: Creating and Configuring Group Policy

Michael Kleef Program Manager Microsoft Session Code: WSV326.

Managing User Settings with Group Policy

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Lesson 16: Creating Group Policy Objects

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

Group Policy – Tips, Tricks and Best Practices

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Module 8: Implementing Administrative Templates and Audit Policy.

Group Policy Infrastructure in Windows: Today and Tomorrow

Active Directory: OU Administration December 17th, pm Daniels 407.

Introduction to Active Directory December 10th, pm Daniels 407.

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

GROUP POLICY An overview of Microsoft Windows Group Policy.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

ADM421 Scripting Group Policy Operations BJ Whalen Program Manager Windows Server Microsoft Corporation.

Section 2: Using Group Policy Management Tools Local vs. Domain Policies Editing Local Policies Managing Domain Policies Understanding Group Policy Refresh.

Appendix A Starting Out with Windows PowerShell™ 2.0.

Module 15: Manage the Windows ® Small Business Server 2008 Environment Using Group Policy.

Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.

70-411: Administering Windows Server 2012

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

Managing User Desktops with Group Policy

Overview Introduction to Managing User Environments Introduction to Administrative Templates Using Administrative Templates in Group Policy Assigning Scripts.

Module 6: Configuring User Environments Using Group Policy.

Module 7 Configure User and Computer Environments By Using Group Policy.

Planning a Group Policy Management and Implementation Strategy Lesson 10.

Implementing Group Policy. Overview What is Group Policy Introduction to Group Policy Group Policy Structure How Group Policy Settings Are Applied in.

ADM320 Managing Group Policy BJ Whalen Program Manager Windows Server Microsoft Corporation.

Section 5: Troubleshooting and Backing Up GPOs Using Group Policy Troubleshooting Tools Integration of RSoP Functionality Using Logging Options Backing.

Group Policy in Windows Vista Stephen Lamb IT Pro Evangelist, Microsoft Ltd

4. Managing the Desktop Thomas Lee Chief Technologist – QA plc.

Module 5: Implementing Group Policy

Kevin Sullivan Principal Program Manager Lead Microsoft Corporation SESSION CODE: WCL323.

Page 1 System and Group Policies Lecture 7 Hassan Shuja 11/02/2004.

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

Module 5: Creating and Configuring Group Policies.

Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.

Administering Group Policy Chapter Eleven. Exam Objectives in this Chapter  Plan a Group Policy strategy using Resultant Set of Policy Planning mode.

Company Confidential 1 A Course on Planning A Group Policy Management And Implementation Strategy Prepared for: *Stars* New Horizons Certified Professional.

Implementing Group Policy

© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.

11 PLANNING A GROUP POLICY MANAGEMENT AND IMPLEMENTATION STRATEGY Chapter 10.

Michael Kleef Program Manager Microsoft Blogs.technet.com/mkleef Session Code:

Week 4 Objectives Overview of Group Policy Group Policy Processing Implementing a Central Store for Administrative Templates.

Implementing a Group Policy Infrastructure

11 INTRODUCTION TO GROUP POLICY Chapter 7. Chapter 7: INTRODUCTION TO GROUP POLICY2 WHAT CAN YOU DO WITH GROUP POLICY?  Control the user environment.

Module 6 Creating and Configuring Group Policy. Module Overview Overview of Group Policy Configuring the Scope of Group Policy Objects Evaluating the.

Chapter 7: Managing and Troubleshooting Group Policy.

Windows Server 2003 群組原則設定與管理林寶森

GROUP POLICY. Group Policy is a hierarchical infrastructure which allows systems administrators to configure computer and user settings from a central.

Microsoft Installing & Configuring Windows Server Exam Questions Answers Powered By:

1.1 Microsoft® Windows® 2003 Server Group Policy Management Prof. Abdul Hameed.

Introduction to Group Policy Lesson 7. Group Policy Group Policy is a method of controlling settings across your network. – Group Policy consists of user.

Introduction to Group Policy

Presentation transcript:

Clyde G. Johnson

 Test Environment  Tools of the trade  Demo  Central Store  Show  Group Policy Spreadsheets  Demo  Planning and Deployment

 Mine is built in VMware Workstation ◦ Windows 2003 domain controller / file server ◦ Windows XP client ◦ Windows 7 client  Windows 2003 Domain / forest  Used GPMC scripts to import my environment  Isolated from production network

 RSAT ◦ Installs WS2008R2 administration tools on Windows 7 computers for remote management ◦ Enables GUI-based remote management for full server and server core installations ◦ Download  GPMC ◦ Part of Windows 7 and 2008 R2  Security Compliance Manager

 Install RSAT  Install GMPC  Show SCM ◦ Export as spreadsheet ◦ Export as GPO

 Centralized Repository for ADMX Files  One-time creation and population of central store per domain  Replicated to all domain controllers  Helps prevent “GPO bloat”  Contains all ADMX templates including Office 2010 and IE 8.0  Located in Sysvol (case sensitive)  [sysvol]\ \policies\PolicyDefinitions

 Sample

 It’s a “good thing” if you: Test -> Stage -> Test -> Deploy -> Validate  For significant functional changes, consider a pilot. ◦ Don’t limit the pilot to just IT Staff – they often know how to workaround/resolve issues!  Some GPMC features are specifically focused on testing/staging/piloting/deploying GPOs ◦ Group Policy Modeling (more elegant face on RSoP Planning) ◦ Backup/Copy/Import (including migration tables) ◦ Specific “sample” scripts - particularly CreateXMLFromEnvironment and CreateEnvironmentFromXML (optionally include users and groups) ◦ Documentation: HTML or XML Reports

 Start small and build… ◦ Security (SCM) ◦ Firewall ◦ Folder Redirection ◦ OS / Application Configuration ◦ IE Maintenance ◦ Software Installation ◦ Segregate and congregate

1. Per Group Policy Object (GPO) 2. Per Group Policy setting 3. Per Group Policy Preference (GPP) Item

 Administrative Log  Applications and services log  XML Based event logs  New Tools - GPOLogView

LGPO’s LGPO Admin User User Specified Group Policy Admin/Non-Admin Group Policy Local Computer Policy Multple local GPO’s

 Folder Redirection  Offline Files (encrypted) – Mobile only

 Do not pre-create folders (ACL issues)  Do not redirect Application Data folder (particularly if logged on from multiple computers): ◦ Exclusive locks ◦ Absolute paths ◦ Network latency  You cannot redirect to a mapped drive (folder redirection occurs before mapping of drives)

 25 PowerShell cmdlets for Group Policy scripting GPO operations: creation, removal, backup, and import GPO link operations: creation, update, and removal Setting inheritance flags and permissions on Active Directory organizational units (OUs) and domains GPO Settings: Creating, update, retrieval, removal ◦ Only registry-based policy settings (Administrative Templates) GPP Settings: Creating, update, retrieval, removal ◦ No Item-Level Targeting Starter GPOs operations: creation and update

Backup-GPO –all –path ‘C:\BackupFiles\’ Backup all GPO’s in current domain to directory Get-GPResultantSetofPolicy -ReportType - html -Path D:\ConfigDocuments\Reports\ Get RSoP for local computer and logged on user in html form Copy-GPO -SourceName TestGpo1 - SourceDomain test.contoso.com TargetName TestGpo1 -TargetDomain sales.contoso.com Copy a GPO across domains Set-GPRegistryValue -Name "TestGPO" -key "HKCU\Software\Policies\Microsoft\ExampleKey" - ValueName "ValueOne", "ValueTwo", "ValueThree" - Type String -Value "String 1", "String 2", "String 3" Configure a registry key to policy with a set of values

PowerShell Scripts supported in GPO Startup/Shutdown & Logon/Logoff scripts By default, Windows PowerShell scripts run after non-Windows PowerShell scripts

 Group Policy TechNet page  Group Policy Wiki  Group Policy Team Blog  Group Policy Settings Reference  Remote Server Administration Tools (RSAT) yID=7d2f6ad7-656b-4313-a005-4e344e43997d

New UI: More intuitive, integrated help content, no more tabs Support for: ◦ REG_MultiSZ ◦ REG_QWORD Easier to use authoring experience Support for more data types

Sessions On-Demand & Community Resources for IT Professionals Resources for Developers Microsoft Certification & Training Resources