Group Policy in Windows Server 2012
Skip to main content This browser is no longer supported. Show Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support. Group Policy Management Console
In this articleApplies To: Windows Server 2012 R2 Install Group Policy Management Console (GPMC)Group Policy Management Console (GPMC) is a comprehensive administrative tool for Group Policy management. Administrators use GPMC to perform all Group Policy management tasks, with the exception of configuring individual policy settings in Group Policy Objects themselves, which is done with the Local Group Policy Object Editor. You can install GPMC through Server Manager on the server as follows.
Open GPMCTo start GPMC, do the following: On the Start screen, click the Apps arrow. On the Apps screen, type gpmc.msc, and then click OK or press ENTER. This article explains what Group Policies are and shows how to configure Windows Server 2012 Active Directory Group Policies. Our next article will cover how to properly enforce Group Policies (Group Policy Link Enforcement, Inheritance and Block Inheritance) on computers and users that a part of the company's Active Directory. FREE Hyper-V & VMware Backup: Easy to use - Powerful features - Just works, no hassle: It's FREE for Firewall.cx readers! Download Now! Before we dive into Group Policy configuration, let's explain what exactly Group Policies are and how they can help an administrator control its users and computers. A Group Policy is a computer or user setting that can be configured by administrators to apply various computer specific or user specific registry settings to computers that have joined the domain (active directory). A simple example of a group policy is the user password expiration policy which forces users to change their password on a regular basis. Another example of a group policy would be the enforcement of a specific desktop background picture on every workstation or restricting users from accessing their Local Network Connection properties so they cannot change their IP address. A Group Policy Object (GPO) contains one or more group policy settings that can be applied to domain computers, users, or both. GPO objects are stored in active directory. You can open and configure GPO objects by using the GPMC (Group Policy Management Console) in Windows Server 2012: Figure 1. GPO ObjectsGroup Policy Settings are the actual configuration settings that can be applied to a domain computer or user. Most of the settings have three states, Enabled, Disabled and Not Configured. Group Policy Management Editor provides access to hundreds of computer and user settings that can be applied to make many system changes to the desktop and server environment. Group Policy SettingsGroup Policy Settings are divided into Computer Settings and User Settings. Computer Settings are applied to computer when the system starts and this modifies the HKEY Local Machine hive of registry. User Settings are applied when the users log in to the computer and this modifies the HKEY Local Machine hive. Figure 2. Group Policy SettingsComputer Settings and User Settings both have policies and preferences. These policies are: Software Settings: Software can be deployed to users or computer by the administrator. The software deployed to users will be available only to those specific users whereas software deployed to a computer will be available to any user that on the specific computer where the GPO is applied. Windows Settings: Windows settings can be applied to a user or a computer in order to modify the windows environment. Examples are: password policies, firewall policy, account lockout policy, scripts and so on. Administrative Templates: Contains a number of user and computer settings that can be applied to control the windows environment of users or computers. For example, specifying the desktop wallpaper, disabling access to non-essential areas of the computers (e.g Network desktop icon, control panel etc), folder redirection and many more. Preferences are a group policy extension that does the work which would otherwise require scripts. Preferences are used for both users and computers. You can use preferences to map network drives for users, map printers, configure internet options and more. Next, let’s take a look at how we can create and apply a Group Policy. FREE Hyper-V & VMware Backup: Easy to use - Powerful features - Just works, no hassle: It's FREE for Firewall.cx readers! Download Now!
|