Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Server

Windows Server 2008 R2 : GPO Administrative Tasks (part 4)

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
3/9/2011 2:43:28 PM

Creating New Domain Group Policies

To create a new domain Group Policy Object, perform the following steps:

1.
Log on to a designated Windows Server 2008 R2 administrative system.

2.
Open the Group Policy Management Console.

3.
Expand the domain to expose the Group Policy Objects container and select it.

4.
Right-click the Group Policy Objects container and select New.

5.
Type in a name for the new GPO.

6.
If the starter GPO functionality in the domain is enabled and if a suitable starter GPO exists, click the Source Starter GPO menu and select either (None) or the desired starter GPO.

7.
Click OK to create the GPO.

8.
As necessary, edit the security filtering, configure delegation, configure the GPO status, and edit the settings. These steps are detailed in the section “Managing GPO Security Filtering.”

9.
After the GPO is configured, back up the GPO.

10.
Create GPO links and configure advanced link options, as required.

11.
Close the GPMC tool.

Creating and Configuring GPO Links

After a GPO is created and configured, the next step is to link the GPOs to the desired Active Directory containers. To link an existing GPO to an Active Directory container, perform the following steps:

1.
Log on to a designated Windows Server 2008 R2 administrative system.

2.
Open the Group Policy Management Console.

3.
Add the necessary domains or sites to the GPMC, as required.

4.
Expand the Domains or Sites node to expose the container to which the GPO will be linked.

5.
Right-click the desired site, domain, or organizational unit, and select Link an Existing GPO.

6.
In the Select GPO window, select the desired GPO or select multiple GPOs and click OK to link.

Advanced GPO Link Configuration

After a GPO link is created, it is enabled by default. Each link has its own configuration options, which include link enforcement and the ability to enable and disable the link. To change the default configuration of a GPO link, perform the following steps:

1.
Log on to a designated Windows Server 2008 R2 administrative system.

2.
Open the Group Policy Management Console.

3.
Add the necessary domains or sites to the GPMC, as required.

4.
Expand the Domains or Sites node to expose the GPO-linked container.

5.
If the GPO link is to be enforced, right-click on the desired GPO link, and select Enforced to enforce the link.

6.
If the GPO link will be changed from enabled to disabled, right-click on the desired GPO link and select Link Enabled to check the link (enabled) or uncheck the link (disabled).

Managing GPO Status

GPO status controls whether the entire GPO is enabled, disabled, or if only the Computer Configuration or User Configuration node is enabled. GPO status is applied to the GPO itself, so all links will be affected by any changes to the GPO status. To view or modify the status of a GPO, perform the following steps:

1.
Log on to a designated Windows Server 2008 R2 administrative system.

2.
Open the Group Policy Management Console.

3.
Expand the domain to expose the Group Policy Objects container and expand it.

4.
Select the desired GPO and select the Details tab in the right pane.

5.
On the Details tab, in the GPO Status drop-down menu, note the current status of the GPO.

6.
If the GPO status needs to be changed, click the drop-down list arrow and select one of the following options:

  • Enabled

  • User Configuration Settings Disabled

  • Computer Configuration Settings Disabled

  • All Settings Disabled

7.
After you select the desired GPO status, a confirmation window opens; click OK to complete the status change.

Creating and Linking WMI Filters to GPOs

When applying security filtering to a GPO is not granular enough to target a specific set of computers, a WMI filter can be linked to the GPO. For this example, we will create a WMI filter that includes a computer with an operating system name of Windows 7. To create the example WMI filter, perform the following steps:

1.
Log on to a designated Windows Server 2008 R2 administrative system.

2.
Open the Group Policy Management Console.

3.
Expand the domain and select the WMI Filters container.

4.
Right-click on the WMI Filters container and select New.

5.
In the Name section, type in Windows 7 WMI Filter.

6.
In the Description section, type in WMI filter to include only Windows 7 workstations.

7.
Click the Add button to create the WMI filter query.

8.
In the Query section, type Select * from Win32_OperatingSystem Where (Name LIKE "%Windows 7%") to show a GPO WMI filter similar to the one shown in Figure 2.

Figure 2. Examining a GPO WMI filter.


9.
Click OK to save the query and return to the WMI Filter window.

10.
Click Save to create the WMI filter in the domain.

To link an existing WMI filter to a GPO, perform the following steps:

1.
Log on to a designated Windows Server 2008 R2 administrative workstation.

2.
Open the Group Policy Management Console.

3.
Expand the domain to expose the Group Policy Objects container and expand it.

4.
Select the desired GPO and select the Scope tab in the right pane.

5.
At the bottom of the Scope tab, in the WMI Filter section, click the WMI Filter drop-down list arrow, and select the desired filter.

6.
A confirmation dialog box will open; click Yes to apply the WMI filter to this GPO.
Other -----------------
- Windows Server 2008 R2 : Designing a Group Policy Infrastructure
- Windows Server 2008 R2 : Policy Management Tools (part 3) - Event Viewer
- Windows Server 2008 R2 : Policy Management Tools (part 2)
- Windows Server 2008 R2 : Policy Management Tools (part 1) - Group Policy Management Console & Group Policy Object Editor
- Windows Server 2008 R2 : Group Policy Administrative Templates Explained
- Windows Server 2003 : Deploying DNS Servers (part 4) - Viewing and Clearing the DNS Server Cache
- Windows Server 2003 : Deploying DNS Servers (part 3) - Creating Resource Records
- Windows Server 2003 : Deploying DNS Servers (part 2) - Understanding Server Types
- Windows Server 2003 : Deploying DNS Servers (part 1) - Installing the DNS Server Service & Configuring a DNS Server
- Windows Server 2008 R2 : Elements of Group Policy (part 5)
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
 
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server