UEU-co logo

ch11lev1sec1.html


Previous Page Next Page

Hour 11. Deploying Group Policy and Network Access Protection

What You’ll Learn in This Hour:

A method of controlling the user environment provided to your network clients is the deployment of group policies. This hour takes a look at how to use Group Policy to control the user environment and enable features such as user logon auditing. It also looks at Group Policy in terms of the bigger picture of controlling domain policies related to security settings and their inheritance by downstream objects (such as Organizational Units [OUs]).

There’s also a new Windows feature, the Network Policy Server service, which enables you to require that network clients meet certain “health requirements” (such as the Windows Firewall being enabled and the antivirus software signatures being up to date) for full network access. The Network Policy Server service is part of the Network Policy and Access Services role.

Understanding Group Policy

Group Policy provides a framework for controlling the user or computer environment in any Windows server container, including domains, sites, and Organizational Units. Security policies can also exist at the local computer level and are very much like a local set of group policies. However, Group Policy at the domain level is tightly wound with the Active Directory Domain Services (AD DS), which is where you manage the various domain containers (such domains, sites, and OUs).

Group Policy objects actually dictate the rules or settings that determine how Group Policy affects users and computers in the target container (or on the local computer). For example, a Group Policy object (GPO) can determine the applications available to users in a particular domain or OU (creating OUs is discussed in Hour 9, “Creating Active Directory Groups, Organizational Units, and Sites”). To affect a container such as a domain or site with a particular GPO, the GPO is linked to the container.

GPOs can contain two types of settings: computer configuration settings and user configuration settings. Group Policy is managed with two different tools: the Group Policy Management snap-in, which was first introduced with the release of Windows Server 2003, and the Group Policy Object Editor. Both these tools are examined in this hour.

Previous Page Next Page

Leave a Reply


Time limit is exhausted. Please reload the CAPTCHA.

Categories

apply_now Pepperstone Group Limited