Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 7: Managing the User Environment by Using Group Policy.

Published byMarjory Wiggins Modified over 8 years ago

Similar presentations

Presentation on theme: "Module 7: Managing the User Environment by Using Group Policy."— Presentation transcript:

1 Module 7: Managing the User Environment by Using Group Policy

2 Overview Configuring Group Policy Settings Assigning Scripts with Group Policy Restricting Group Membership and Access to Software Configuring Folder Redirection Determining Applied GPOs

3 Lesson: Configuring Group Policy Settings Why Use Group Policy? What Are Enabled and Disabled Group Policy Settings? Practice: Configuring Group Policy Settings

4 Why Use Group Policy? Use Group Policy to: Manage users and computers Deploy software Enforce security settings Enforce a consistent desktop environment Enforce loopback processing Manage users and computers Deploy software Enforce security settings Enforce a consistent desktop environment Enforce loopback processing

5 What Are Enabled and Disabled Group Policy Settings? Enable / Disable Multivalued settings

6 Practice: Configuring Group Policy Settings In this practice, you will: Create a GPO to configure a standard user desktop Create a GPO to reverse a setting in the standard desktop GPO for the Legal department

7 Lesson: Assigning Scripts with Group Policy What Are Group Policy Script Settings? Why Use Group Policy Scripts? Practice: Assigning Scripts with Group Policy

8 What Are Group Policy Script Settings? Group Policy script settings can be used to assign: For computers  Startup scripts  Shutdown scripts For users  Logon scripts  Logoff scripts

9 Why Use Group Policy Scripts? Group Policy scripts can: Perform tasks that cannot be done through other Group Policy settings Clean desktops and return computers to their original state Provide a secure environment by clearing temp folders and page files

10 Practice: Assigning Scripts with Group Policy In this practice, you will: Use Group Policy to assign a script to map a drive Test the script

11 Lesson: Restricting Group Membership and Access to Software Restricting Group Membership What Is a Software Restriction Policy? Software Restriction Rules Practice: Restricting Group Membership and Access to Software

12 Restricting Group Membership Group Policy can control group membership:  For any group on a local computer  For any group in Active Directory

13 What is a Software Restriction Policy? A policy-driven mechanism that identifies and controls software on a client computer A mechanism restricting software installation and viruses A component with two parts:  A default rule with two options: Unrestricted Disallowed  Exceptions to the default rule

14 Software Restriction Rules Certificate Rule Checks for digital signature on application Use when you want to restrict Win32 applications and ActiveX content Certificate Rule Checks for digital signature on application Use when you want to restrict Win32 applications and ActiveX content Internet Zone Rule Controls how Internet Zones can be accessed Use in high-security environments to control access to Web applications Internet Zone Rule Controls how Internet Zones can be accessed Use in high-security environments to control access to Web applications Hash Rule Use to employ MD5 or SHA1 hash of a file to confirm identity Use to allow or prohibit a certain version of a file from being run Hash Rule Use to employ MD5 or SHA1 hash of a file to confirm identity Use to allow or prohibit a certain version of a file from being run Path Rule Use when restricting the path of a file Use when multiple files exist for the same application Essential when SRPs are strict Path Rule Use when restricting the path of a file Use when multiple files exist for the same application Essential when SRPs are strict

15 Practice: Restricting Group Membership and Access to Software In this practice, you will: Define the membership of the local Administrators group for DEN-CL1 Restrict access to Outlook Express for the domain

16 Lesson: Configuring Folder Redirection What Is Folder Redirection? Folders That Can Be Redirected Settings That Configure Folder Redirection Security Considerations for Configuring Folder Redirection Practice: Configuring Folder Redirection

17 What Is Folder Redirection? Folder Redirection allows: Redirection to folders on the local computer or on a network drive Folders on a server appear as if they are located on the local drive

18 Folders That Can Be Redirected My Documents Application Data Desktop Start Menu

19 Settings That Configure Folder Redirection Use basic Folder Redirection for common files and limited- access files With advanced Folder Redirection, the server hosting the folder location is based on group membership Accounting Users Accounts N-Z Accounts A-M Accounting Managers Anne Misty Private

20 Security Considerations for Configuring Folder Redirection NTFS permissions for Folder Redirection root folder Shared folder permissions for Folder Redirection root folder NTFS permissions for each user’s redirected folder

21 Practice: Configuring Folder Redirection In this practice, you will: Create a shared folder Create a GPO to redirect the My Documents folder Test the Folder Redirection

22 Lesson: Determining Applied GPOs What Are gpupdate and gpresult? What Is Group Policy Reporting? What Is Group Policy Modeling? What Are Group Policy Results? Practice: Determining Applied GPOs

23 What Are gpupdate and gpresult? Use gpupdate to: Manually refresh updated Group Policy settings Force the refresh of all Group Policy settings Force a reboot or logoff if required to refresh the settings Use gpresult to: Display the resulting set of policies for a user or computer Redirect the resulting set of policies information to a file

24 What Is Group Policy Reporting?

25 What Is Group Policy Modeling?

26 What Are Group Policy Results?

27 Practice: Determining Applied GPOs In this practice, you will: Refresh GPO settings with gpupdate Use Group Policy reporting to view the settings in a GPO and save the report Create a Group Policy Results report

28 Lab: Managing the User Environment by Using Group Policy After completing this lab, you will be able to:  Create and apply a GPO to the Graphics organizational unit  Assign a logon script to connect to the Graphics1 printer  Use a GPO to configure the membership of the Backup Operators group  Use the Group Policy Results Wizard to verify the policy settings

Download ppt "Module 7: Managing the User Environment by Using Group Policy."

Similar presentations

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
11 CONFIGURING AND MANAGING SHARED FOLDER SECURITY Chapter 8.

11 CONFIGURING AND MANAGING SHARED FOLDER SECURITY Chapter 8.
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Managing User Settings with Group Policy

Managing User Settings with Group Policy
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Lesson 16: Creating Group Policy Objects

Lesson 16: Creating Group Policy Objects
Lesson 18: Configuring Application Restriction Policies

Lesson 18: Configuring Application Restriction Policies
Performing Software Installation with Group Policy

Performing Software Installation with Group Policy
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Corso referenti S.I.R.A. – Modulo 2 Local Security 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.
Microsoft ® Official Course Module 9 Configuring Applications.

Microsoft ® Official Course Module 9 Configuring Applications.
Module 7: Implementing Security Using Group Policies.

Module 7: Implementing Security Using Group Policies.
9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure.

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Securing Windows Servers Using Group Policy Objects

Securing Windows Servers Using Group Policy Objects
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.
Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Corso referenti S.I.R.A. – Modulo 2 07 – Group Policy 20/11 – 27/11 – 05/12 11/12 – 13/12 (gruppo 1) 12/12 – 15/12 (gruppo 2) Cristiano Gentili, Massimiliano.

Similar presentations

Ads by Google