Organizations that leverage the capabilities of Group Policy in Windows 2003 have realized the true potential of using policies to manage desktops and mobile users, improve network security, implement patch management routines, and perform regular maintenance tasks throughout the enterprise. By mirroring user data on servers, preventing users from loading unauthorized software, and backing up the entire state of desktops and configurations (profiles) to servers, you can secure, protect, and highly customize your workstation environment. Furthermore, by applying system standards through group policy to particular users, groups, or sites within Active Directory, you can accommodate the diverse needs present in your organization. Different groups and individuals within any business require varying levels of access and control of your network resources. You should leverage the Group Policy management tools in such a way as to provide the specific workstation experience appropriate to the varying functional needs in your company. This chapter concentrates on ways you can apply Group Policy tools to users and groups based on their specific needs and goals. In addition to providing general best practices, this chapter provides recommendations on how to handle particular types of network users through Group Policy. |