Scribd Logo
Upload

Welcome to Scribd!

  • Group Policy

    Uploaded by

    deepak
    256 views12 pages
    group policy

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    group policy

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    256 views12 pages

    Group Policy

    Uploaded by

    deepak
    group policy

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 12

    Group policy

    Organizational unit (O.U)

     It is logical container which contain AD


    objects (Users, groups, OU and other
    objects)

     It is called as subtree

     It is used for minimizing administrative


    task
     It is used for organizing and
    managing AD objects

     It is used for delegating control to


    one or more user

    Steps to create O.U


    Group policy: -

     Group policy is collection of setting


    which can be applied on computers and
    users

     With group policy administrator can


    easily manage the computers and users

     Ease administration using group policy


    Group policy can be assigned at three
    levels: -

    1) OU level
    2) Domain level
    3) Site level

    1)OU level: -
    If policies are applied at OU level then the
    policy will be applied to all the object in
    the OU
    Domain level policy: -
    If policies are applied at domain level
    then policy will be applied to all the
    objects in domain including
    administrator

    Normally system applies domain


    policy first and then it will apply OU
    level policy
    If any conflict occurs as an
    example u have removed search
    option on domain level, but on OU
    level u have given show search,
    then in this case OU level policy
    will win out, coz first policy is
    applied to domain level, here in
    this case administrator will not be
    able to see search on start menu,
    but OU users will be able to.
    Case 1:
    Domain level: 1) Remove my doc
    2) Remove recycle
    bin
    OU level: 1) Remove my comp
    2) Prevent CMD
    Result: for all users domain level
    policies will be applied

    and for OU users both domain and


    OU level policies will be applied
    Case2)
    Domain level: 1) Remove my doc
    2) Remove my recycle
    OU level : 1) Remove my comp
    2) Prevent CMD
    3) Show my doc
    Result: For all domain users domain
    level policies will be applied
    For OU users Remove my recycle,
    remove my comp, prevent CMD, show
    my DOC
    Note:
    Whenever there is conflict
    between two levels then policies
    will be applied from TOP to bottom
    and their respective level policies
    will be applied
    Block policy inheritance:

    It is use to stop inheritance from


    higher level policy, e.g. domain level
    policy. After enabling this higher level
    policy will not affect lower level policy
    No override option is used when you have
    multiple group policy object for one OU
    and you want that policy mentioned on
    this OU should not be overwritten by
    higher prior group policy object

    OU, GPO-> hide help and support


    GPO1show help and support
    use No override option on GPO1, users
    will be able to access the help and
    support

    You might also like