Computer Group Policy – Windows Components

Windows Components – Group Policies in Server 2003Group Policy Computer Configuration Windows Settings

Here on this page I will guide you through the full list of Windows Component policy folders.  While each folder has numerous application specific policies, I anticipate that you will only need a handful of these settings.  Our problem is that each system needs a different set of policies, so you need to check through each section identifying the best policies for your domain.

Group Policy Topics


* Guy’s Top Group Policy

Always install with elevated privileges


This is what I mean by a specialist policy.  Not everyone uses Netmeeting and even those who do, may not need to lock down the settings.  Also there is not much here, because most of the settings are in the User Configuration.

Internet Explorer

One of several instances where you should decide whether to configure for the Computer or the User.  Once you have made up your mind, then you can start tightening up on security by disabling zones.

The most positive and useful Internet Explorer settings are found here.

Application Compatibility

If you wish to prevent legacy programs running then it is better to turn off both the Compatibility Wizard and the Engine.  I see no harm in leaving these setting and controlling which programs are allowed through Software Setting policies.

Guy Recommends: The Free IP Address Tracker (IPAT) Free IP Tracker

Calculating IP Address ranges is a black art, which many network managers solve by creating custom Excel spreadsheets.  IPAT cracks this problem of allocating IP addresses in networks in two ways:

For Mr Organized there is a nifty subnet calculator, you enter the network address and the subnet mask, then IPAT works out the usable addresses and their ranges.  For Mr Lazy IPAT discovers and then displays the IP addresses of existing computers. 

Download the Free IP Address Tracker

Internet Information Server

‘Prevent IIS Installation’  This is a Group Policy for servers that do not need IIS, for example file and print servers.

Task Scheduler

This is the Task Scheduler (not Task Manager).  The question is what tasks have been scheduled on their workstations?  Backup?  Your decision here depend on the level of responsibility that you give to users, I would imagine the bigger the company the less they need Task Scheduler, therefore you could ‘Hide the property pages’.  See also Windows 8 Task Scheduler »

Terminal Services

Terminal services has such a comprehensive selection of group polices that I have given them their own page.

Windows Installer

* ‘Always install with elevated privileges‘ will ensure that programs will install properly using system account rights.  Be aware that you must also enable this policy in the User Configuration.

Also be aware that power users may try and abuse these elevated privileges.  To some extent you can curb their powers by setting policies which stop them browsing for source during install.  If there is no reason to add software then you can disable the installer all together.

*Windows Messenger

Here are two useful Group Policy settings to control how Windows Messenger behaves.  Firstly, are you going to allow Messenger to run – at all?  If you do permit the Messenger to operate, would you want it to start automatically?

Windows Media

Two specialist folders to control the Media player and digital rights.  Policies include specifying proxy settings, also restrictions to hide unnecessary tabs.

Windows Update

Do you like it?  Well if you hate it here is your chance to disable the Update service searching for new patches.

Group Policy ebook Windows 2003Download my ‘Master Group Policies’ ebook only $6.25

The extra features you get in your eBook include: Spreadsheet with over 850 policies.  Printer friendly version over Word A4 pages in Word.

See more Computer Group Policy Settings

Computer Administrative Templates   • Terminal Services Policies

Group Policies  • Windows Components   • Software Installation   •Computer Network Policies

Computer Printer Policies   •Computer System Policies  •Troubleshooting Group Policies

If you like this page then please share it with your friends