Scribd Logo
Upload

Welcome to Scribd!

  • Implementing and Administering Active Directory: Practical 7 Group Policy Object (GPO)

    Uploaded by

    Harris
    29 views5 pages
    1. The document discusses creating and configuring Group Policy Objects (GPOs) in Active Directory. It provides steps to create a GPO, apply settings like "No Override" and "Block Inheritance", and configure specific policy settings. 2. An exercise is included where the reader is asked to create Organizational Units (OUs) with user accounts, and apply GPOs at each OU to configure settings like desktop wallpaper, programs to run at logon, and hiding the "Run" menu. 3. The reader is asked to list the policy settings applied at each OU for different GPO configuration scenarios, including when settings

    Original Description:

    Original Title

    Lab_7_GPO-W2008

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1. The document discusses creating and configuring Group Policy Objects (GPOs) in Active Directory. It provides steps to create a GPO, apply settings like "No Override" and "Block Inheritance", and configure specific policy settings. 2. An exercise is included where the reader is asked to create Organizational Units (OUs) with user accounts, and apply GPOs at each OU to configure settings like desktop wallpaper, programs to run at logon, and hiding the "Run" menu. 3. The reader is asked to list the policy settings applied at each OU for different GPO configuration scenarios, including when settings

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    29 views5 pages

    Implementing and Administering Active Directory: Practical 7 Group Policy Object (GPO)

    Uploaded by

    Harris
    1. The document discusses creating and configuring Group Policy Objects (GPOs) in Active Directory. It provides steps to create a GPO, apply settings like "No Override" and "Block Inheritance", and configure specific policy settings. 2. An exercise is included where the reader is asked to create Organizational Units (OUs) with user accounts, and apply GPOs at each OU to configure settings like desktop wallpaper, programs to run at logon, and hiding the "Run" menu. 3. The reader is asked to list the policy settings applied at each OU for different GPO configuration scenarios, including when settings

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    Implementing and Administering Active Directory

    Practical 7
    Group Policy Object (GPO)

    Introduction

    Group policies are collection of user and computer configuration settings that specify
    how programs, network resources, and the operating system work for users and
    computers in an organization. Group policy can be set up for computers, sites, domains,
    and OUs. For example, using group policies, you can determine the programs that are
    available to users, the programs that appear on the user’s desktop, and Start menu
    options. Although the name “Group Policy” suggests that you might set policies for
    global, domain local, or universal groups, this is not the case. Instead, think of Group
    Policy as groupings of policy settings that are linked to computers, sites, domains, and
    OUs.

    Learning Outcomes:

    ● Able to create, configure and verify group policy object (GPO)

    PRACTICE 1: CREATING AND CONFIGURING GPO

    Creating a GPO

    Step:
    1. Click Start, point to Administrative Tools, and then click Group Policy
    Management

    2. Right-click domain, or OU for which you want to create a GPO, and then click
    Creat a GPO in this domain an d Link it here..

    3. Create a new GPO and type the name you want to use for this GPO.

    4. Click OK.

    Applying No Override (Enforced) to a GPO

    In Windows Server 2008, No Override setting is known as Enforced.

    Step:
    1. After creating a GPO, right click the GPO and choose Enforced.
    Applying Block Inheritance to an OU

    Step:
    1. Go to Group Policy Management.

    2. Right click an OU, and choose Block Inheritance.

    To hide RUN command using GPO

    Step:
    1. At the Group Policy Management, right click a GPO you have created before and
    choose edit.

    2. Under User Configuration -> Administrative Templates -> Start Menu and
    Taskbar.

    3. Choose Remove Run menu from Start Menu

    4. Double click it.

    5. Choose Enable.

    6. Click OK.

    Testing GPO configuration

    Step:
    1. Log off administrator.

    2. Log–on as an user belongs to the OU that have been linked with the GPO.

    3. See whether the Run option exist or not.

    Refreshing a GPO

    Each GPO is refreshed when you restart your computer. When you modify the settings
    in a GPO, they are refreshed every 90 minutes on a workstation or server agpnd every
    five minutes on a domain controller. The setting are also refreshed every 16 hours,
    whether or not there are any changes. To refresh GPOs immediately,

    Step:
    1. Click Start, and then click Run.
    2. In the Run dialog box, type gpupdate and then click OK.

    EXCERSICE

    In your current domain (zombie.com), create five OUs (UTeM, FTMK, FKEKK, DIT and
    BITC) as shown in Figure 1 below. In each OU, create one domain user account with
    details as shown in Table 1. Ensure that all domain user accounts (Prof1, Prof2, Prof3,
    Prof4, and Prof5) are member of Print Operator in the domain.

    Table 1
    OU USERNAME PASSWORD
    UTeM Prof1 yGhs72bs
    FKEKK Prof2 yGhs72bs
    FTMK Prof3 yGhs72bs
    BITC Prof4 yGhs72bs
    DIT Prof5 yGhs72bs

    Figure 1

    Then, create a GPO at each OU with configuration shown in Table 2.

    Table 2
    Domain/OU Configuration
    zombie.com ● User Configuration>Administrative Templates>Desktop>Desktop>Desktop
    Wallpaper
    Enabled with wallpaper name C:\WINDOWS\Web\Wallpaper\img1.jpg
    (stretch)
    ● Config1
    UTeM ● User Configuration>Administrative Templates>System>Logon>Run these
    program at user logon
    Enabled with item to run at logon = Calc
    ● User Configuration>Administrative Templates>Start Menu and
    Taskbar>Remove Run menu from Start Menu
    Enabled
    FTMK ● User Configuration>Administrative Templates>Desktop>Desktop>Desktop
    Wallpaper
    Enabled with wallpaper name C:\WINDOWS\Web\Wallpaper\img2.jpg
    (stretch)
    ● Config2
    DIT ● User Configuration>Administrative Templates>System>Logon>Run these
    program at user logon
    Enabled with item to run at logon = Notepad
    ● Config3

    List all the policies applied at each OU in terms of wallpaper, item run at logon, and Run
    menu availability when

    1. Config1 = NIL, Config2 = NIL, Config3 = NIL.


    2. Config1 = No Override, Config2 = NIL, Config3 = NIL.
    3. Config1 = No Override, Config2 = Block Policy Inheritance, Config3 = NIL.
    4. Config1 = NIL, Config2 = Block Policy Inheritance, Config3 = NIL.
    5. Config1 = NIL, Config2 = NIL, Config3 = Block Policy Inheritance.

    Do not forget to refresh a GPO or restart your system after creating/altering GPOs.

    Case OU Wallpaper Item run at Run menu


    logon availability
    1 UTeM Img1 Calc Invisible
    FKEKK Img1 Calc Invisible
    FTMK Img2 Calc Invisible
    BITC Img2 Calc Invisible
    DIT Img2 Notepad Invisible
    2 UTeM Img1 Calculator Invisible
    FKEKK Img1 Calculator Invisible
    FTMK Img1 Calculator Invisible
    BITC Img1 Calculator Invisible
    DIT Img1 Notepad Invisible
    3 UTeM Img1 Calculator Invisible
    FKEKK Img1 Calculator Invisible
    FTMK Img1 None Visible
    BITC Img1 None Visible
    DIT Img1 Notepad Visible
    4 UTeM Img1 Calculator Invisible
    FKEKK Img1 Calculator Invisible
    FTMK Img2 None Visible
    BITC Img2 None Visible
    DIT Img2 Notepad Visible
    5 UTeM Img1 Calc Invisible
    FKEKK Img1 Calc Invisible
    FTMK Img2 Calc Invisible
    BITC Img2 Calc Invisible
    DIT Default Notepad Visible

    You might also like