Chapter 11. Group Policy Primer
Group Policy is a large topic that deserves a book in itself (and there are several of those) to be properly covered. We will discuss Group Policy as it applies specifically to the design and administration of an Active Directory installation in this book, but not as it applies to the actual settings and operations on a workstation.
The goal of policy-based administration is for an administrator to define the environment for users and computers once by defining policies, and then to rely on the system to enforce those policies. This chapter is an introduction to Group Policy and how to manage it. Chapter 15 covers how to begin designing Group Policy and the OU structures in support of Group Policy.
The scope and functionality of Active Directory group policies encompass a number of key points:
They can be targeted to individual computers and users, sites, domains, and organizational units.
They can apply to users, computers, or groups of either.
They can set values and automatically unset them in specified situations.
They can run scripts at user logon and logoff and computer startup and shutdown.
They can do far more than just a desktop lockdown.
With Group Policy, administrators can control the behavior of workstations and servers as well as managing the end user experience across the organization. There are literally tens of thousands of settings that you can apply to control everything from screensaver timeouts to desktop backgrounds to workstation power ...
Get Active Directory, 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
