Book Image

Mastering Windows Group Policy

By : Jordan Krause
5 (1)
Book Image

Mastering Windows Group Policy

5 (1)
By: Jordan Krause

Overview of this book

This book begins with a discussion of the core material any administrator needs to know in order to start working with Group Policy. Moving on, we will also walk through the process of building a lab environment to start testing Group Policy today. Next we will explore the Group Policy Management Console (GPMC) and start using the powerful features available for us within that interface. Once you are well versed with using GPMC, you will learn to perform and manage the traditional core tasks inside Group Policy. Included in the book are many examples and walk-throughs of the different filtering options available for the application of Group Policy settings, as this is the real power that Group Policy holds within your network. You will also learn how you can use Group Policy to secure your Active Directory environment, and also understand how Group Policy preferences are different than policies, with the help of real-world examples. Finally we will spend some time on maintenance and troubleshooting common Group Policy-related issues so that you, as a directory administrator, will understand the diagnosing process for policy settings. By the end of the book, you will be able to jump right in and use Group Policy to its full potential.

Related Content you might be interested in

Current Title:

Small book image
Mastering Windows Group Policy
Jordan Krause
Nov, 2018 | 408 pages
Small book image
Windows Server 2016 Administration Cookbook
Jordan Krause
Apr, 2018 | 248 pages
Small book image
Mastering Windows Server 2019, Third Edition
Jordan Krause
Jul, 2021 | 690 pages
Small book image
Mastering Windows Server 2022
Jordan Krause
May, 2023 | 720 pages
Table of Contents (12 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Group Policy - The Basics
Group Policy - The Basics
Terminology
What is Group Policy?
Requirements for Group Policy
Hierarchy of Group Policy processing
Building a lab to test Group Policy today
Summary
2
Group Policy Management Console (GPMC)
Group Policy Management Console (GPMC)
Technical requirements
Launching the console locally
Accessing Group Policy remotely
Exploring the GPMC
Summary
3
Daily Tasks in Group Policy
Daily Tasks in Group Policy
Default policies and permissions
Modifying an existing GPO
Creating a new GPO
More on GPO links
Everyday command-line tools
Summary
4
Advanced Filtering of Group Policy Objects
Advanced Filtering of Group Policy Objects
Link order precedence
Blocking GPO inheritance
Enforcing GPOs
User settings versus computer settings
Exercises with OUs and links
Filtering GPOs with security filters
Filtering GPOs with WMI filters
Summary
5
Deploying Policy Settings
Deploying Policy Settings
Managed versus unmanaged policies
Administrative Templates
Computer configuration policies
User configuration policies
Group Policy loopback processing
Summary
6
Group Policy Preferences
Group Policy Preferences
How is a preference different from a policy setting?
Create, Replace, Update, or Delete
Green and red marks
The Common tab
Implementing Preferences
Summary
7
Group Policy as a Security Mechanism
Group Policy as a Security Mechanism
Password rules and regulations
A plethora of security settings
Windows Firewall with Advanced Security
Manipulating Local Users and Groups
Denying access to Command Prompt
Prohibiting user software-installation
Disabling IPv6 via Group Policy
User Account Control
Blocking USB Drives
Summary
8
Group Policy Maintenance
Group Policy Maintenance
Documenting Group Policy
Searching Group Policy
Starter GPOs
Backing up and restoring GPOs
Implementing ADMX/ADML files
Delegating permissions to manage Group Policy
Summary
9
Group Policy Troubleshooting
Group Policy Troubleshooting
Troubleshooting tools and procedures
GPO version numbers
Checking the replication status via GPMC
Detecting slow links
The trouble with FRS
Group Policy results wizard
Group Policy Modeling
Summary
10
PowerShell for Group Policy Administration
PowerShell for Group Policy Administration
Importing PowerShell Group Policy modules
PowerShell for GPOs and Links
GPO information and reporting
GPO permissions via PowerShell
Using PowerShell to back up and restore GPOs
Remotely running GPUpdate
Using PowerShell Help
Summary
11
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Password rules and regulations

We have already spent some time in this book updating password criteria for our domain. To accomplish this, we edited the built-in Default Domain Policy GPO, as it exists in any instance of an Active Directory domain and contains password settings by default. I bring up this topic once again to point out the fact that this prebuilt policy, Default Domain Policy, really is the best place to maintain password settings for most companies.

This mindset differs from that of any other settings. My general advice for the Default Domain Policy is "don't touch it!" You should not be throwing settings into that policy for the fun of it. In general, whenever you want to push out new settings with Group Policy it should really be from inside a brand new GPO. The exception to this rule is password-related settings. When increasing the security...

Previous Section
End of Section 2
Next Section