Computer Performance, Windows Server 2003

3CX Phone System for Windows - VOIP IP PBX

3CX Phone System for Windows -
VOIP IP PBX

Get your 5 free applications now

Application Publishing with 2X ApplicationServer

Group Policy for Windows 2003 Server - Home

Guy RecommendsGFi Events Manager

A solution to monitor, manage and archive thousands of events that are generated by devices across the entire network. 
Download FREE trial

Who is this Group Policy Section for?

  • Administrators who want to plan their Windows 2003 Group Policy.
  • Experienced network managers who wish to lockdown their users' Start menu.
  • Network Architects who need to turn a desktop vision into reality.
  • Those upgrading from a previous client who want an overview of XP policies.

  ‡

What are Windows 2003 Group Policies?

With planning, Microsoft's Group Policies can control every aspect of a computer desktop.  Whilst the master plan is to control the configuration of both the user and the computer settings, the technique is to define each setting once in an Active Directory Group Policy.  For example, if you need to change everyone's proxy server, the add the IP addresses to a Group Policy rather than edit every Internet Explorer manually.

It may help to remember that Group Policies manipulate registry values, consequently, if the item that you want to control is in the registry, then it can be set by a policy.  Where registry keys do not have ready-made policies, it is possible to create your own policy templates.  However, designing your own templates would be a specialist job for your developers.

TrainSignal - Recommended Training VideosTroubleshooting Group Policies is tricky

As an MCT trainer, I can thoroughly recommend TrainSignal because they provide practical hands on training.  In particular, I like the way TrainSignal cover all learning methods, instructor lead, video and of course text material.  You can either take one module, for example Group Policy or go for a combination of modules.  See more about Group Policy training here

Group Policy Contents

Some say Microsoft have created 700+ group polices for XP, while others tell me that there are over 850.  What ever the exact total, the point is that Group Policies are here to stay, and that each new version of Windows will bring yet more settings to organize the desktop.  Here are the commonest policy categories for XP / Windows Server 2003.  Incidentally Windows Server 2003 SP1 added hundreds more Group Policies, particularly to the Inetres (Internet Explorer) section.

  • Security settings, passwords: length, frequency, lockout duration.
  • Desktop settings, which icons appear, and which are features are hidden.
  • Software assigned to the user, which programs are available from the start menu.
  • Folder redirection, where  is the 'My documents' are stored?
  • Settings which dictate the operating system behaviour, for example, disable unnecessary services such as IIS or telnet.

Guy's Group Policy Mission

My mission is to bring each Group Policy category or folder to life.  I want to save you time by concentrating on what I consider are the best settings in each Group Policy folder.  Look out for 'Guy's top selections' on each page.  Occasionally, I express an opinion that a policy is of limited use - no sitting on the fence!  However, even if a policy is only needed for specialist configurations, I still point out its purpose, just in case it applies to your situation.

Before you begin evaluating policies, I urge you to decide on the security rating of your organization.  It is important to have a reference point, otherwise it will be difficult to gain a perspective of what makes sense for your users.  My advice is aimed at those who need medium security setting for their domains; therefore, if you are a high or low security company then make the necessary adjustments when assessing my selections.Windows Group Policy Settings

Remember, that the more security that you enforce, the more work there will be for you.  For instance, do not insist on 14 letter, complex passwords, just because they are the highest settings.  However, if there is a good business case for this level of security, then fair enough, but does take on extra help desk staff to cope with the resultant password lockouts.

Pre-requisites for creating policies

  • The advice and screen shots in this section are designed for Windows Server 2003, however many of the settings are available in Windows 2000.
  • You have installed the GPMC (Group Policy Management Console), available as a free download from Microsoft's site.
  • You create a test OU.  (Not essential, but safer than using the default domain policy.)
  • Right click your OU, Properties, Group Policy.  Click on Open.
  • Right click on your OU, and select 'Create and Link a GPO Here..'
  • Right click your policy, then edit.

Next step

If you are itching to start configuring Group Policies, the best place to begin is here at User Configuration, Administrative Templates.

On the other had if you want an overview of Group Policy then here is the best page.


 Group Policy ebook Windows 2003 Download my 'Master Group Policies' ebook only $6.25

The extra features you get in your eBook include: Spreadsheet with over 850 policies.  Printer friendly version over Word A4 pages in Word.

 *

Google

Web  This website

Solarwinds IpMonitorIs Your Server Running Slowly?

Check with SolarWinds ipMonitor

Analyze your network with ipMonitor.  Get a free evaluation copy, and monitor the performance of the servers on your network.
Free Download of SolarWinds ipMonitor

 

Home Copyright © 1999-2009 Computer Performance LTD All rights reserved

Please report a broken link, or an error.