Let’s take a step back, go to the 20-yard line, and remember why we’re getting jazzed up about Group Policy in the first place.
You’re jazzed up because you’re starting to realize the potential that Group Policy can bring: dictating settings for your operating system and making your world more “standardized.”
As you poke around the Group Policy editor, you’ll see there are lots of areas that we’ve already explored and some we haven’t. You’ve had a chance to handle the Administrative Templates section within policies. You’ve examined the Group Policy Preferences. In the next chapter you’ll learn about the items in the Security section. But let’s take some time to focus on an important aspect of Group Policy: extending its use to wider areas of our desktop environment. Sure, Group Policy is neat because it can manage operating system settings—like how you prevented users from getting into the Control Panel, or how you launched
calc.exe every time a user logged on.
But let’s take it to the next level.
Let’s start controlling our applications. True “control freaks” know that it’s us, not the users, who should be in charge. And using the power of Group Policy, we can manage our desktop applications like our operating system: let users change only what we want, and also ensure that our corporate controls are in place and that users don’t totally run the show.
To accomplish this, we need to understand the Administrative ...