Unified Communications

05:00 AM
Connect Directly

How To: Setting Up Active Directory Group Policies

AD's Group Policy lets you set up and control exactly how users and computers operate so you can easily institute changes and controls -- just be sure you test and

The policy settings framework is extensible using configuration files, also known as ADM templates. If a specific application in your organization has an ADM template, you can, for example, control that application's settings using Group Policy. Unfortunately, there are few third-party ADM templates, though more are being developed.

Step-By-Step Screencast
Click on the image to launch a video screencast presentation of Group Policy Management deployment.

To apply policy settings to users and computers in your AD environment you must first configure a Group Policy Object (GPO), which resides in a special folder called "Group Policy Objects" within the AD domain. A GPO is a named collection of configured policy settings. As a best practice, only configure those settings necessary to accomplish an administrative task inside a GPO. If as part of your corporate security policy you require Windows Firewall be enabled on each computer, for example, you could create a GPO titled "Default Windows Firewall Settings" and configure the policy settings to match the desired firewall behavior on the target workstations, just like you would in the Windows control panel. Note that if the targeted operating system doesn't understand the setting, it will ignore it.

The policy settings in the GPO don't get enforced until you link the GPO to an Active Directory site, domain or organizational unit (OU). Once the GPO is associated with a site, domain or OU, the policy settings take effect for the users and computers defined within the scope of that container. If we link our firewall GPO at the domain level, for example, the policy settings apply to all XP workstations and 2003 servers in the domain. If we instead link the GPO to the Product Management Group (PMG) OU, the firewall settings only apply to computers inside that OU. GPOs can be linked in multiple places such as two different OUs, and a site, domain or OU can even have multiple GPOs linked to it.

2 of 8
Comment  | 
Print  | 
More Insights
White Papers
Register for Network Computing Newsletters
Current Issue
2014 State of Unified Communications
2014 State of Unified Communications
If you thought consumerization killed UC, think again: 70% of our 488 respondents have or plan to put systems in place. Of those, 34% will roll UC out to 76% or more of their user base. And there’s some good news for UCaaS providers.
Twitter Feed