Computer Group Policy – Windows Settings

Windows Group Policy Settings Section

Group Policy - Computer Configuration Windows SettingsFrom the policy creator’s point of view, this section is disappointing.  Why so?  Because almost all the security settings are configured at the domain level, not the OU.  Whilst logon scripts are still useful, most of the scripts are assigned under the User Configuration, rather than the Computer Configuration.

In contrast to this page, the User Configuration, Windows Settings has a much richer seam of Group Policy folders.

Group Policy Topics

Computer Configuration

   Windows Settings



Whilst logon scripts have been around for ever, Startup and Shutdown scripts are new in Active Directory.

In truth, I am still waiting for a ‘killer application’ for Startup and Shutdown scripts.  Most of the scripting jobs are carried out in by Logon and Logoff scripts in the User Configuration settings.

With scripts there are three distinct tasks.

  1. Deciding what the script will do.
  2. Writing the script using VBScript.  See Logon Script Section.
  3. Assigning the Startup scripts via Group Policies.

Startup Scripts

Computer Script - PolicyPresuming that the scripts have been written, all we have to do is add the .VBS file to the policy box.  I find that it is much better to copy the script into memory before you open the policy box, than to try and navigate once the box is open.

My point is that I would prefer to right-click and paste, rather than use the Open and Browse option.

Shutdown Script

As I mentioned earlier, I am still waiting for a major use for this type of computer script.

Security Settings

Trap: Security policies for domain users must be applied at the domain level.  Do not be deceived into thinking that you can have different password length and lockout policies for each OU.  Wrong.  I repeat, you cannot use the settings in an Organizational Unit to apply security policies.  In fact I was so enraged that I researched the matter, apparently these OU security policies only affect people who logon with LOCAL accounts – not domain accounts.

So, most of these settings are deceptive in that they will not ‘bite’ on domain users.

Solarwinds Config GeneratorGuy Recommends: The Free Config Generator

SolarWinds’ Config Generator is a free tool, which puts you in charge of controlling changes to network routers and other SNMP devices.  Boost your network performance by activating network device features you’ve already paid for.

Guy says that for newbies the biggest benefit of this free tool is that it will provide the impetus for you to learn more about configuring the SNMP service with its ‘Traps’ and ‘Communities’. Try Config Generator now – it’s free!

Download your free copy of Config Generator

Computer Policy Event LogEvent Log – Maximum size.

Perhaps the one Group Policy setting that you could profitably employ would be the Event Log size.

The picture shows how to increase the Security Log to 16 Mb.  If you prefer bigger logs, then you could repeat this procedure for the Application Log.

Do remember the old trap, this policy only applies to computers in THIS OU and not to those in the default Computers Container.  One answer is to create a top level OU for Servers, then assign this policy to that location.  Also remember where your domain controllers are stored – in the Domain Controllers folder.  Unlike the Users folder, the Domain Controllers container has its own Default Group Policy.

Group Policy ebook Windows 2003Download my ‘Master Group Policies’ ebook only $6.25

The extra features you get in your eBook include: Spreadsheet with over 850 policies.  Printer friendly version over Word A4 pages in Word.

See more Computer Group Policies

Troubleshooting Group Policies   • Software Installation   • Terminal Services Group Policy Settings

Group Policies  • Windows Components  • Windows Settings   •Computer Network Policies

Computer Printer Policies   • Computer Administrative Templates   •Computer System Policies

If you like this page then please share it with your friends