Group Policies

Previous page
Table of content
Next page


Group Policies are used in Windows 2000 and Windows Server 2003 to define change and configuration management. They are used to define user and computer configurations for groups of users and computers. Configuration of Group Policy is done through the Group Policy Object Editor from within the Microsoft Management Console (MMC) snap-in. The Group Policy settings are contained in a Group Policy Object, which is associated with selected Active Directory objects such as sites, domains, and organizational units. There is also an option for local policy creation to assist in controlling specific computers.

Using Group Policy, an administrator is able to control the policy settings for the following:

  • Registry-based policies This includes Group Policy for the Windows 2000 and 2003 operating systems and their components, as well as for applications. To manage these settings, use the Administrative Templates node of the Group Policy snap-in.

  • Security options Local computer, domain, and network security settings

  • Software installation and maintenance options Centralized management of application installation, updates, and removal.

  • Scripts options This includes scripts for computer startup and shutdown, as well as user logon and logoff.

  • Folder redirection options This allows administrators to redirect users' special folders to network storage locations.

Implementing Windows Group Policies for registry-based policies, security options, and folder redirection is essential in a well-managed SBC environment. Administrators should use Group Policy to ensure users have what they need to perform their jobs, but do not have the ability to corrupt or incorrectly configure their environment. Many common user lockdown settings are contained in the Windows Explorer component under the User Configuration section. A new Terminal Server configuration section is available in Windows Server 2003 Group Policy that did not exist in Windows 2000. The new settings are contained in the Terminal Services component under Computer Configuration. The Terminal Services component of the Computer Configuration Group Policy provides a place to set several important configurations, including

  • Setting keep-alive settings

  • Setting the path for the Terminal Services roaming profile location

  • Setting the path for the Terminal Services home directory

Machines that are a member of an Active Directory domain process Group Policies in a very systematic way. The processing order is as follows:

  1. Local Group Policy Object

  2. Site

  3. Domain

  4. Organizational unit (OU)

Exceptions to the default order are due to Group Policies being set to no override, disabled, block policy inheritance, or loopback processing. The key things to remember are the order in which policies are applied, and that a Domain setting will override a Site setting. Understanding this will help in troubleshooting problems with policy settings not being implemented. For example, if the same settings are applied at both the Site and OU levels, the OU policy will still be implemented unless special settings (such as no override) have been configured.


Previous page
Table of content
Next page
Citrix Metaframe Access Suite for Windows Server 2003(c) The Official Guide
Citrix Access Suite 4 for Windows Server 2003: The Official Guide, Third Edition
ISBN: 0072262893
EAN: 2147483647
Year: 2003
Pages: 158
Authors: Steve Kaplan, Tim Reeser, Alan Wood
BUY ON AMAZON
ADO.NET 3.5 Cookbook (Cookbooks (OReilly))
Image Processing with LabVIEW and IMAQ Vision
A Practitioners Guide to Software Test Design
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
Junos Cookbook (Cookbooks (OReilly))
Cultural Imperative: Global Trends in the 21st Century
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy