8/8/2019 Understanding Gp Part-1

1/34

Understanding Group PolicyPart 1 of 3

Rick ClausRick ClausIT Pro AdvisorIT Pro Advisor

Microsoft CanadaMicrosoft Canada

rick.claus@microsoft.comrick.claus@microsoft.comhttp://blogs.technet.com/rclaushttp://blogs.technet.com/rclaus

8/8/2019 Understanding Gp Part-1

2/34

What Will We Cover?

Group Policy concepts

Creating test and staging environments

Group Policy tools

8/8/2019 Understanding Gp Part-1

3/34

Helpful Experience

Level 200

Experience supporting Windows servers

Experience supporting Microsoft networks

Familiarity with Active Directory

8/8/2019 Understanding Gp Part-1

4/34

Agenda

Preparing the Environment

Creating a Staging Environment

Managing Group Policy

8/8/2019 Understanding Gp Part-1

5/34

Designing an OU Structure

8/8/2019 Understanding Gp Part-1

6/34

Demo

Organizing OUs

demonstration

8/8/2019 Understanding Gp Part-1

7/34

What Is Group Policy?

Manage user and computer environments Enforce IT policies

Simplify administrative tasks

Implement security settings

8/8/2019 Understanding Gp Part-1

8/34

Group Policy Terms

Scope of

Management

Group Policy

Object

Site

Domain OU

Computer

Configuration

User

Configuration

8/8/2019 Understanding Gp Part-1

9/34

Common Desktop Scenarios

Lightly managed

Mobile

Multiuser

AppStation

TaskStation Kiosk

8/8/2019 Understanding Gp Part-1

10/34

Usage Scenarios Lightly Managed

For power users or developers

Least restricted

Free-seating

Core set of applicationswww.microsoft.com/downloads/details.aspx?FamilyID=354b9f45-8aa6-4775-

9208-c681a7043292&displaylang=en (Search for Group Policy Scenarios)

8/8/2019 Understanding Gp Part-1

11/34

Usage Scenarios Mobile

Aimed at mobile users

Data available at all times

Partial free-seating

Log off without disconnecting

8/8/2019 Understanding Gp Part-1

12/34

Usage Scenarios Multiuser

Basic customization

Free-seating

Restricted write access

Security-enhanced

Assigned and published applications

8/8/2019 Understanding Gp Part-1

13/34

Usage Scenarios AppStation

Minimal customization

Few applications

Free-seating

Restricted write access

Security-enhanced

8/8/2019 Understanding Gp Part-1

14/34

Usage Scenarios TaskStation

For order entry or call centers

Runs a single application

No desktop or Start menu

8/8/2019 Understanding Gp Part-1

15/34

Usage Scenarios Kiosk

Unattended public workstation

Single application and user

Security-enhanced

No user changes or write access

Always on

8/8/2019 Understanding Gp Part-1

16/34

Agenda

Preparing the Environment

Creating a Staging Environment

Managing Group Policy

8/8/2019 Understanding Gp Part-1

17/34

Build staging environment1 Synchronize with production2

Implementing a Staging Environment

Test GPOs3

Production Staging

CreateXMLFromEnvironment.wsf CreateEnvironmentFromXML.wsfGroup Policy ModelingGroup Policy Results

Prepare for deployment4 Deploy to production5

Group Policy Results

GPO Backups

Migration Tables

8/8/2019 Understanding Gp Part-1

18/34

Demo

Creating a Staging Environment

demonstration

8/8/2019 Understanding Gp Part-1

19/34

Agenda

Preparing the Environment

Creating a Staging Environment

Managing Group Policy

8/8/2019 Understanding Gp Part-1

20/34

Group Policy Management Console

MMC snap-in

Includes Group Policy Object Editor

Reporting and modeling

Supports cross-forest trusts

8/8/2019 Understanding Gp Part-1

21/34

GPMC Service Pack 1

Various bug fixes

New languages

Updated GPMC EULA

Updated MSXML4http://www.microsoft.com/downloads/details.aspx?FamilyId=0A6D4C24-

8CBD-4B35-9272-DD3CBFC81887&displaylang=en

8/8/2019 Understanding Gp Part-1

22/34

Demo

Reviewing the GPMC

demonstration

8/8/2019 Understanding Gp Part-1

23/34

Sales Users

settings

User and Computer Configuration

Lab Computers

settingsSales Users

settings

Lab Computers

settings

8/8/2019 Understanding Gp Part-1

24/34

Local Security Policy

Site Policy

Domain Policy

Parent OU Policy

Child OU Policy

Group Policy Order of Precedence

8/8/2019 Understanding Gp Part-1

25/34

When is Group Policy Applied?

Startup and shutdown

Logon and logoff

Defined intervals

Forced with GPUpdate.exe

8/8/2019 Understanding Gp Part-1

26/34

Group Policy Processing

Synchronous Initial Processing

Asynchronous Initial Processing

8/8/2019 Understanding Gp Part-1

27/34

Demo

Modifying Group Policy Objects

demonstration

8/8/2019 Understanding Gp Part-1

28/34

Group Policy Modeling and Results

Group Policy Modeling

Simulates GPOs on user or computer

Group Policy Results

Reports actual policy settings

8/8/2019 Understanding Gp Part-1

29/34

Demo

Group Policy Modeling and Results

Using Group Policy Modeling Using Group Policy Results

demonstration

8/8/2019 Understanding Gp Part-1

30/34

Backing Up and Restoring GPOs

8/8/2019 Understanding Gp Part-1

31/34

Demo

Backing up and Restoring GPOs

demonstration

8/8/2019 Understanding Gp Part-1

32/34

Session Summary

Manage and control your environmentmore easily with Group Policy

Use a staging environment to test Group

Policy before production deployment

Use the GPMC to manage Group Policy

8/8/2019 Understanding Gp Part-1

33/34

For More Information

Visit TechNet USA at www.microsoft.com/technet

Visit TechNet Canada at www.microsoft.ca/technet

Rick ClausRick ClausIT Pro AdvisorIT Pro Advisor

Microsoft CanadaMicrosoft Canada

rick.claus@microsoft.comrick.claus@microsoft.com

http://blogs.technet.com/rclaushttp://blogs.technet.com/rclaus

8/8/2019 Understanding Gp Part-1

34/34

What Will We Cover? (Part 2)

Advanced Group Policy management

Deploying software with Group Policy

Group Policy troubleshooting

What Will We Cover? (Part 3) Group Policy Management

Advanced Group Policy Security

Scripting Group Policy

Group Policy Modeling