Group policy 101
I am trying to get the hang of group policy on sbs 2003 R2.
some questions:
a) any recommendation on an easy / complete tutorial / documentaiton on GP?
b) how do you find the entry you want to enable / disable? There's sooo many! I saw a spreadsheet for office 2003 GP entries. is there one for windows itself? Do you just get the hang of the key ones you need? Is there a thinking on how to find what you want?
c) some things seem like they'd be for users but could also be computer. Turning off autorun, for example. that's under computer, but if you want it to affect all users, it could be under user? Is there a rule of thumb where it will be / some are in 2 places, so where do you change it?
d) I tried making a new GPO (rather than edit the default ones that come with SBS - that's not the way to do it, right?). Under GPOs, I right clicked and chose new. then gave it a name . enabled some things. then I dragged it up to the domain and a link was made, like all the default policies. but then I ran the modeling wizard and that GPO wasn't in either the applied or denied GPOs.
but if I deleted the link, right click on the domain and choose link a gpo, then it worked. can't drag and drop?
e) when do you use the modeling vs. results wizard
THANKS!
some questions:
a) any recommendation on an easy / complete tutorial / documentaiton on GP?
b) how do you find the entry you want to enable / disable? There's sooo many! I saw a spreadsheet for office 2003 GP entries. is there one for windows itself? Do you just get the hang of the key ones you need? Is there a thinking on how to find what you want?
c) some things seem like they'd be for users but could also be computer. Turning off autorun, for example. that's under computer, but if you want it to affect all users, it could be under user? Is there a rule of thumb where it will be / some are in 2 places, so where do you change it?
d) I tried making a new GPO (rather than edit the default ones that come with SBS - that's not the way to do it, right?). Under GPOs, I right clicked and chose new. then gave it a name . enabled some things. then I dragged it up to the domain and a link was made, like all the default policies. but then I ran the modeling wizard and that GPO wasn't in either the applied or denied GPOs.
but if I deleted the link, right click on the domain and choose link a gpo, then it worked. can't drag and drop?
e) when do you use the modeling vs. results wizard
THANKS!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You would do the GPUpdate /Force on both server and workstation. Any workstation specific policy settings like startup scripts in the case of Office 2007 via GP would require a reboot.
Philip
Philip
ASKER
I envision to experiment / test / play, I'll have the SBS machine in the lab open on 1 screen and a desktop machine open on another.
when I make a change to gp on the server, do I run gpupdate / force on the desktop or server? And is that enough to see the changes made in GP or I need to log off? Shut down?
thanks!