5.1. Group Policies and Active Directory
Policies are the "business logic" of Windows domains. Each domain contains its own instance of Active Directory. AD is a hierarchical object-oriented database for machines, users, and named collections of objects, such as software. To create and enforce policies, Windows has an infrastructure that consists of a Group Policy engine, a set of client-side extensions (CSEs), and tools, such as templates, for writing policies.
Policy settings are managed as a set of virtual objects collectively referred to as Group Policy Objects (GPOs). Each GPO is stored in the Active Directory Group Policy container along with all of the policy attributes. There are default attributes, some that users can modify as part ...
Get Microsoft® Windows Server® 2008: Implementation and Administration now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
