Lesson 11 the best policy managing computers and users through group policy
This presentation is the property of its rightful owner.
Sponsored Links
1 / 41

Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy PowerPoint PPT Presentation


  • 84 Views
  • Uploaded on
  • Presentation posted in: General

Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy. Overview. The capabilities of group policies. Manage security using group policies. Manage users’ environment using group policies. Manage group policy implementation and interaction.

Download Presentation

Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Lesson 11 the best policy managing computers and users through group policy

Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy


Overview

Overview

  • The capabilities of group policies.

  • Manage security using group policies.

  • Manage users’ environment using group policies.

  • Manage group policy implementation and interaction.


The capabilities of group policies

The Capabilities of Group Policies

  • Group policy tools.

  • Group policy settings categories.


Group policy tools

Group Policy Tools

Group Policy Object Editor (GPOE):

  • Is the most commonly used tool for working with the Group Policy Objects (GPOs).

  • Is a snap-in for the Microsoft Management Console (MMC).


Group policy tools1

Group Policy Tools

There are several methods of accessing the GPOE:

  • Through the properties of the scope of management (SOM) to which the GPO is linked.

  • By creating a new GPOE console.


Group policy tools2

Group Policy Tools

The Group Policy tab of the Domain Properties dialog box


Group policy tools3

Group Policy Tools

The Group Policy Object Editor Console


Group policy tools4

Group Policy Tools

Group Policy Management Console (GPMC):

  • Is the newest tool for working with GPOs.

  • Provides a single, unified interface for managing all aspects of all existing group policies within the domain.

  • Provides tools for analyzing and controlling the interaction of multiple policies.


Group policy tools5

Group Policy Tools

The Group Policy Management Console


Group policy settings categories

Group Policy Settings Categories

  • Computer configuration settings.

  • User configuration settings.


Group policy settings categories1

Group Policy Settings Categories

The computer and the user configuration settings are subdivided into the following categories:

  • Software settings

  • Windows settings

  • Administrative templates


Software settings

Software Settings

Software Settings in the Group Policy Object Editor


Windows settings

Windows Settings

  • The computer and the user configuration Windows settings are used to configure startup and shutdown scripts.

  • The user configuration Windows settings provide fewer security settings than those available under computer configuration.


Administrative templates

Administrative Templates

The administrative templates settings for computer and user configuration can be used to:

  • Change the desktop.

  • Modify the logon procedure.

  • Remove items from the Start menu or the Control Panel.


Manage security using group policies

Manage Security Using Group Policies

  • Security settings.

  • Software restriction policies.


Security settings

Security Settings

Account policies include:

  • Password policies

  • Kerberos policies

  • Account lockout policies


Security settings1

Security Settings

Password Policies and Their Default Domain Policy Settings


Security settings2

Security Settings

Kerberos policies:

  • Kerberos policies rarely need to be modified.

  • Kerberos security authenticates user accounts when users log on.

  • It also allows them to request services from the server without further authentication.


Security settings3

Security Settings

Account Lockout policies and Their Default Domain Policy Settings


Software restriction policies

Software Restriction Policies

Software restriction policies:

  • Are one of the new features of Windows Server 2003.

  • Help to block executing specific programs in a directory.


Software restriction policies1

Software Restriction Policies

The GPO Console


Software restriction policies2

Software Restriction Policies

Defining the Policy


Software restriction policies3

Software Restriction Policies

Account Lockout Threshold Properties


Software restriction policies4

Software Restriction Policies

Software Restriction Policies


Software restriction policies5

Software Restriction Policies

New Path Rule


Manage users environment using group policy

Manage Users’ Environment Using Group Policy

Policy Settings Breakdown for the Group Policy Administrative Templates


Manage users environment using group policy1

Manage Users’ Environment Using Group Policy

Administrative Templates First-Level Categories and Where They Are Found


Manage users environment using group policy2

Manage Users’ EnvironmentUsing Group Policy

The administrative templates settings can be used:

  • When the taskbar needs to be locked.

  • When an appropriate wallpaper needs to be used.

  • When access to Control Panel needs to be restricted.


Manage users environment using group policy3

Manage Users’ Environment Using Group Policy

Preventing Changes to Taskbar and Start Menu Settings


Manage users environment using group policy4

Manage Users’ Environment Using Group Policy

Setting Active Desktop Wallpaper


Manage users environment using group policy5

Manage Users’ Environment Using Group Policy

Restrict Access to the Control Panel


Manage group policy implementation and interaction

Manage Group Policy Implementation and Interaction

  • Applying group policy.

  • Analyzing group policy interactions.


Applying group policy

Applying Group Policy

  • Group Policy Object Options.

  • Group Policy Object Properties.


Group policy object options

Group Policy Object Options

The options in the Group Policy Object Options dialog box are:

  • No Override – Prevents any other settings from taking a higher priority.

  • Disabled – Does not allow the settings to be applied, if a GPO link is disabled.


Group policy object options1

Group Policy Object Options

The Group Policy Object Options dialog box


Group policy object properties

Group Policy Object Properties

The various tabs of the Properties dialog box for a GPO link are:

  • General – Allows users to disable the computer and/or the used configuration settings.

  • Links – Offers a Find Now button that searches and displays the sites, domains, and OUs to which the GPO is linked.


Analyzing group policy interactions

Analyzing Group Policy Interactions

Resultant Set of Policy (RSoP):

  • Is a group policy tool.

  • Analyzes all the policies that apply in a particular situation.

  • Reports the resultant policy.


Analyzing group policy interactions1

Analyzing Group Policy Interactions

RSoP can be run in one of the following modes:

  • Planning

  • Logging


Summary

Summary

  • The various tools for working with the group policy objects (GPOs) are the Group Policy Object Editor (GPOE) and the Group Policy Management Console (GPMC).

  • The GPO settings are divided into the user and the computer configuration settings.

  • The user and the computer configuration settings are further divided into software settings, Windows settings, and administrative templates.


Summary1

Summary

  • The most commonly used security settings are the account policies.

  • Account policies include password, account lockout, and Kerberos policies.

  • Software restriction policies help to block executing specific programs in an entire directory.


Summary2

Summary

  • The five administrative templates files are System.adm, Inetres.adm, conf.adm, Wuau.adm, and Wmplayer.adm.

  • Resultant Set of Policy (RSoP) is a tool for analyzing the effect of all applicable policies on a particular domain, site, OU, computer, or user.


  • Login