Group Policy: Fundamentals, Security, and the Managed Desktop (2nd Edition)

Group Policy: Fundamentals, Security, and the Managed Desktop (2nd Edition)

Jeremy Moskowitz

Language: English

Pages: 740

ISBN: 1119035589

Format: PDF / Kindle (mobi) / ePub


The Ultimate Book on Group Policy

Freshly updated to include Windows 7, Windows 8 and Windows Server 2012, Group Policy: Fundamentals, Security, and the Managed Desktop, Second Edition is the book for learning everything you need to know about Group Policy, no matter which version of Windows you use. Microsoft Group Policy MVP Jeremy Moskowitz covers it all-major Group Policy categories, what Windows 8 and Windows Server 2012 bring to the table, and smart ways to tackle tough desktop management problems. Topics include troubleshooting, security, scripting, using Windows PowerShell when necessary, and much more.

Inside this book, you'll learn to:
Master all Group Policy functions of Windows, including Windows XP through Windows 8 and Windows Server 2003 through Windows Server 2012
Enhance your Group Policy reach with the Group Policy Preferences, ADMX files, and additional add-ons
Use every feature of the GPMC and become a top-notch administrator
Troubleshoot Group Policy using tools, logs, Resource Kit utilities, Registry hacks, and third-party tools
Manage printers, restrict hardware, and configure Internet Explorer
Deploy software to your desktops, set up roaming profiles, and configure Offline Files for all your Windows clients-and manage it all with Group Policy settings
Secure your desktops and servers with AppLocker, Windows Firewall with Advanced Security, and the Security Configuration Manager
Download bonus chapters and:
Script complex GPMC operations with PowerShell, including linking, backup, restore, permissions changes, and more
Create a "change management" system with Advanced Group Policy Management (AGPM v4)
Understand Windows Intune service and its relationship to Group Policy
Coverage Includes:
Updated GPMC
New Windows 8 GPMC Features
ADMX/ADML Files
Group Policy Preferences
Item-Level Targeting
The Central Store
AppLocker
Fine-Grained Password Policy
Offline Files Updates
Inheritance Blocking
Prioritization
Linking
Loopback Policy Processing
Security Policy Processing
Enforcing
WMI Filters
Third-Party Tools
Cross-Forest Trusts
Filters
Commenting
Searching
Advanced Logging and Troubleshooting
Advanced Auditing Controls
Group Policy and VDI
Security Configuration Manager
Windows Intune

Ant: The Definitive Guide (2nd Edition)

OpenGL Programming Guide: The Official Guide to Learning OpenGL, Version 4.3 (8th Edition)

Computational Intelligence in Image Processing

Fuzzy Knowledge Management for the Semantic Web (Studies in Fuzziness and Soft Computing)

Software Testing using Visual Studio 2012

Agile Software Engineering (Undergraduate Topics in Computer Science)

 

 

 

 

 

 

 

 

 

 

 

involved, you might be curious to see exactly what your interaction with Local Group Policy might look like. Local Group Policy is best used when Active Directory isn’t available, say either in a Novell NetWare environment or when you have a gaggle of machines that simply aren’t connected to a domain. Local Group Policy Editor The most expeditious way to edit the Local Group Policy on a machine is to click Start ➢ Run and type in GPEDIT.MSC. This pops up the Local Computer Policy Editor. You are

through Windows 10, there’s a secret superpower that takes Local Group Policy to the next level. The last time I discussed Local GPOs, I stated this: This Local Group Policy affects everyone who logs onto this machine—including normal users and administrators. Be careful when making settings here; you can temporarily lock yourself out of some useful functions. True—for pre-Vista machines, like Windows XP. On Vista and later, however, the superpower feature is that you can decide who gets which

container. This lets other administrators at other levels continue to link to that GPO if they want. Truly Deleting the Group Policy Object Itself You can choose to delete the GPO altogether—lock, stock, and barrel. The only way to delete the GPO itself is to drill down through Group Policy Management ➢ Domains ➢ Corp.com, locate the Group Policy Objects container, and delete the GPO. It’s like plucking a child directly from the swimming pool. Before you do, you’ll get a warning message, as

something that isn’t possible. For instance, you can force the wizard into seeing what happens if Frank Rizzo’s account is moved to another domain. But since there isn’t a way to actually move Frank’s account, the displayed results will be cockeyed. You’ll learn more about some of the additional concepts, such as slow-link processing and loopback processing, in Chapter 4. You’ll also learn more about WMI filters in Chapter 4. The output in Figure 2.28 shows what would happen if Frank Rizzo were

into production. That test lab could be connected to the live network (perhaps another domain in the same forest) or completely disconnected and “air gapped” from the live network. The GPMC supports all these functions, and that’s what we’ll explore now. Note that in the following sections, I’ll demonstrate fictitious domains that you won’t have in your test lab. Basic Interdomain Copy and Import Using the GPMC, you can take existing GPOs from any domain and copy them to another domain. The

Download sample

Download