understanding group policy part 1 of 3 rick claus it pro advisor microsoft canada...
TRANSCRIPT
Understanding Group Policy Part 1 of 3
Rick ClausRick ClausIT Pro AdvisorIT Pro Advisor
Microsoft CanadaMicrosoft Canada
[email protected]@microsoft.com
http://blogs.technet.com/rclaushttp://blogs.technet.com/rclaus
What Will We Cover?
• Group Policy concepts
• Creating test and staging environments
• Group Policy tools
Helpful Experience
Level 200
• Experience supporting Windows servers
• Experience supporting Microsoft networks
• Familiarity with Active Directory
Agenda
• Preparing the Environment
• Creating a Staging Environment
• Managing Group Policy
Designing an OU Structure
Demo
Organizing OUs
demonstration
What Is Group Policy?
• Manage user and computer environments• Manage user and computer environments• Enforce IT policies• Enforce IT policies• Simplify administrative tasks• Simplify administrative tasks• Implement security settings• Implement security settings
Group Policy Terms
Scope of Management
Group Policy Object
Site
Domain OU
Computer Configuration
User Configuration
Common Desktop Scenarios
• Lightly managed
• Mobile • Multiuser • AppStation • TaskStation • Kiosk
Usage Scenarios – Lightly Managed
• For power users or developers
• Least restricted
• Free-seating
• Core set of applicationswww.microsoft.com/downloads/details.aspx?FamilyID=354b9f45-8aa6-4775-9208-c681a7043292&displaylang=en (Search for Group Policy Scenarios)
Usage Scenarios – Mobile
• Aimed at mobile users
• Data available at all times
• Partial free-seating
• Log off without disconnecting
Usage Scenarios – Multiuser
• Basic customization
• Free-seating
• Restricted write access
• Security-enhanced
• Assigned and published applications
Usage Scenarios – AppStation
• Minimal customization
• Few applications
• Free-seating
• Restricted write access
• Security-enhanced
Usage Scenarios – TaskStation
• For order entry or call centers
• Runs a single application
• No desktop or Start menu
Usage Scenarios – Kiosk
• Unattended public workstation
• Single application and user
• Security-enhanced
• No user changes or write access
• Always on
Agenda
• Preparing the Environment
• Creating a Staging Environment
• Managing Group Policy
Build staging environmentBuild staging environment11 Synchronize with productionSynchronize with production22
Implementing a Staging Environment
Test GPOsTest GPOs33Production Staging
CreateXMLFromEnvironment.wsf CreateEnvironmentFromXML.wsfGroup Policy ModelingGroup Policy Results
Prepare for deploymentPrepare for deployment44 Deploy to productionDeploy to production55
Group Policy Results
GPO Backups
Migration Tables
Demo
Creating a Staging Environment
demonstration
Agenda
• Preparing the Environment
• Creating a Staging Environment
• Managing Group Policy
Group Policy Management Console
• MMC snap-in
• Includes Group Policy Object Editor
• Reporting and modeling
• Supports cross-forest trusts
GPMC Service Pack 1
• Various bug fixes
• New languages
• Updated GPMC EULA
• Updated MSXML4
http://www.microsoft.com/downloads/details.aspx?FamilyId=0A6D4C24-8CBD-4B35-9272-DD3CBFC81887&displaylang=en
Demo
Reviewing the GPMC
demonstration
Sales Users settings
User and Computer Configuration
Lab Computers settings
Sales Users settings
Lab Computers settings
Local Security Policy
Site Policy
Domain Policy
Parent OU Policy
Child OU Policy
Group Policy Order of Precedence
When is Group Policy Applied?
Startup and shutdown
Logon and logoff
Defined intervals
Forced with GPUpdate.exe
Group Policy Processing
Synchronous Initial Processing
Asynchronous Initial Processing
Demo
Modifying Group Policy Objects
demonstration
Group Policy Modeling and Results
• Group Policy Modeling
Simulates GPOs on user or computer
• Group Policy Results
Reports actual policy settings
Demo
Group Policy Modeling and Results
• Using Group Policy Modeling• Using Group Policy Results
demonstration
Backing Up and Restoring GPOs
Demo
Backing up and Restoring GPOs
demonstration
Session Summary• Manage and control your environment more easily with Group Policy
• Use a staging environment to test Group Policy before production deployment
• Use the GPMC to manage Group Policy
For More Information
Visit TechNet USA at www.microsoft.com/technetVisit TechNet Canada at www.microsoft.ca/technet
Rick ClausRick ClausIT Pro AdvisorIT Pro Advisor
Microsoft CanadaMicrosoft Canada
[email protected]@microsoft.com
http://blogs.technet.com/rclaushttp://blogs.technet.com/rclaus
What Will We Cover? (Part 2)
• Advanced Group Policy management
• Deploying software with Group Policy
• Group Policy troubleshooting
What Will We Cover? (Part 3)• Group Policy Management
• Advanced Group Policy Security
• Scripting Group Policy
• Group Policy Modeling