Author: Darren Mar-Elia :: Wednesday, September 03, 2008 10:06 PM
This whitepaper provides an overview of the requirements for using the new Group Policy Preferences feature, and a quick overview of each new policy area within the product. Click on the Read More link below to download the PDF.
Author: Darren Mar-Elia :: Tuesday, June 10, 2008 10:21 PM
Group Policy leverages a complex and sometimes inconsistent model when it comes to storing the settings that you specify within a Group Policy Object (GPO). This is probably owing to the fact that, while there is a central group at Microsoft that is responsible for the Group Policy infrastructure, each product area that has policy settings (e.g. Security, IE, desktop) is responsible for implementing its own policy tools to leverage that infrastructure. As a result, policy settings for a given GPO may be scattered between file system storage and AD-based storage. To better understand this, let’s take a quick look at how Group Policy Objects are structured.
Author: Darren Mar-Elia :: Tuesday, June 10, 2008 10:18 PM
You’ve probably heard of registry tattooing as it relates to NT 4 system policy. Tattooing was the effect that you saw whenever you applied a registry policy to a computer or user and then removed that policy file. Even though the policy file was gone, those registry values that were set by the policy remained–tattooed into the registry until you explicitly removed them, either by setting the policy to the opposite value or manually going in and deleting the registry values. This wasn’t very helpful when managing systems or users that changed roles. As a result, when Microsoft introduced Group Policy in Win2K, they sought to change this tattooing behavior, at least for registry values. NT 4 System Policy became Administrative Templates in Win2K, XP and Win2003 Group Policy and with it came a new capability to prevent registry tattooing.
Author: Darren Mar-Elia :: Tuesday, June 10, 2008 10:17 PM
Whitepaper describing how to use the Software Installation feature in Group Policy.
(3rd party whitepaper–requires registration)
Author: Darren Mar-Elia :: Tuesday, June 10, 2008 10:14 PM
Whitepaper describing the security of the Group Policy infrastructure itself (3rd party whitepaper–requires registration)
Author: Darren Mar-Elia :: Tuesday, June 10, 2008 10:09 PM
(reproduced from my original posting on Mark Minasi’s Forum, with some embellishments)
This is really more of a checklist of the kinds of things that typically go wrong in GPO processing, and how you can check for them.
Author: Darren Mar-Elia :: Tuesday, June 10, 2008 10:06 PM
Group Policy Objects (GPOs) are processed by computer and user objects in AD. This processing occurs in two different ways. Specifically, GPOs are processed in the foreground during specific events and in the background on a periodic basis. Table 1 describes when each processing mode is triggered.