Presentation is loading. Please wait.

Presentation is loading. Please wait.

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure.

Published byEdgar Barrett Modified over 8 years ago

Similar presentations

Presentation on theme: "9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure."— Presentation transcript:

1 9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Goals   Understand group policy   Understand group policy settings   Identify the role of a group policy at startup and logon   Plan a group policy implementation   Create a group policy object   Assign control over a group policy object

2 9.2 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Introducing Group Policy   Group Policy is an Active Directory feature  Helps administrators specify the standard behavior of users’ desktops  Enforces the specified requirements   You can applied group policies to various Active Directory containers  Sites  Domains  Organizational Units (OUs) (Skill 1)

3 9.3 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Introducing Group Policy (2)   Group Policy is also called a Group Policy Object (GPO) since it is an object of Active Directory  GPO parts  A Group Policy Container (GPC) is an Active Directory component and contains GPO attributes, extensions, and version information  A Group Policy Template (GPT) is a collection of folders stored under the SYSVOL\sysvol\domainname\Policies folder on each Windows 2000 domain controller (Skill 1)

4 9.4 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 1) Figure 9-1 GPC containers in the Active Directory Users and Computers console

5 9.5 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 1) Figure 9-2 Adding the Group Policy snap-in to the console

6 9.6 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 1) Figure 9-3 Accessing the Group Policy snap-in

7 9.7 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Introducing the Types of Group Policy Settings   You can apply group policies to both users and computers   Computer configuration settings  Refer to the group policies for computers, irrespective of the users logging on to them  Apply to a computer during the initialization of the operating system   User configuration settings  Refer to the group policies for users, irrespective of the computer the users log on to  Apply at the time of user logon (Skill 2)

8 9.8 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Introducing the Types of Group Policy Settings (2)   Computer configuration settings and User configuration settings both contain three containers, each of which include several related policies  Software Settings container contains the Software Installation extension  Windows Settings container contains Scripts and Security Settings extensions  Administrative Templates container contains all registry-based Group Policy settings (Skill 2)

9 9.9 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 2) Figure 9-4 Group Policy settings in the Group Policy snap-in

10 9.10 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Identifying the Role of a Group Policy at Startup and Logon   The role of a Group Policy begins when a computer starts up and a user logs on  During startup and logon, both the Computer Configuration and the User Configuration settings are applied in a specific sequence  If computer settings and user settings conflict with each other, computer settings take precedence (Skill 3)

11 9.11 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Identifying the Role of a Group Policy at Startup and Logon (2) Processing sequence   Is very important when dealing with multiple policies   If a conflict occurs in case of multiple policies, the policy to apply last wins   If a computer belongs to a workgroup, it only processes the local GPO (Skill 3)

12 9.12 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Identifying the Role of a Group Policy at Startup and Logon (3) Exceptions to processing order   If the Block Policy Inheritance option is set for a domain or OU, the GPOs above that point in the structure do not affect users or computers in that structure   If there is a conflict between No Override and Block Inheritance, No Override always wins   If Loopback settings are applied to a GPO list, the default GPO processing order is not maintained   If the No Override option is set for a GPO, no configured policy setting in the GPO can be overridden (Skill 3)

13 9.13 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 9-5 The sequence in which computer configuration and user configuration settings are applied (Skill 3)

14 9.14 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Planning a Group Policy Implementation   Factors to consider before implementing a Group Policy include location of GPOs, delegation of authority, and organization structure   Major implementation strategies  Centralized design approach suggests that the organization network should be maintained by a small number of large GPOs  Decentralized design approach uses separate GPOs for specific policy settings  Functional role design approach suggests that the functional roles of users in an organization be used to apply group policies  Central control design approach suggests that you maintain a central control while delegating administration to various OU administrators (Skill 4)

15 9.15 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Creating a Group Policy Object   After identifying the GPO implementation strategy for your organization, you need to create a GPO that best suits your requirements   When you install Active Directory, two GPOs are created automatically  Default Domain Policy (linked to the domain)  Default Domain Controller Policy (linked to the Domain Controllers OU)   You can link GPOs to sites, domains and OUs (Skill 5)

16 9.16 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Creating a Group Policy Object (2)   Use the Active Directory Sites and Services console to link a GPO to a site   Use the Active Directory Users and Computers console to link GPOs to domains and OUs   You can create a stand-alone GPO console for a GPO and access it directly from the Administrative Tools menu (Skill 5)

17 9.17 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 9-6 Creating a new GPO (Skill 5)

18 9.18 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 9-7 Creating a GPO console (Skill 5)

19 9.19 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Assigning Control of a Group Policy Object to Administrators   Once a GPO is created, you should delegate administrative control of the GPO to various administrators in your organization   Delegation relieves the administrative burden that might fall on a single individual (Skill 6)

20 9.20 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Assigning Control of a Group Policy Object to Administrators (2)   Use the Properties dialog box for the GPO to assign permissions that delegate the administrative control of a GPO  To provide administrative control of the GPO, set both the Read and Write permissions to Allow  A user having only Read permissions cannot open the various extensions of the Group Policy snap-in (Skill 6)

21 9.21 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 9-8 Selecting the Group Policy object for which you want to assign control (Skill 6)

22 9.22 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 9-9 Setting permissions (Skill 6)

Download ppt "9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure."

Similar presentations

Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
Chapter 8 Configuring Group Policies

Chapter 8 Configuring Group Policies
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
7.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

7.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
11.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

11.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
MIS 431 - Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Lesson 16: Creating Group Policy Objects

Lesson 16: Creating Group Policy Objects
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Similar presentations

Ads by Google