• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 339
  • Last Modified:

Best way to deploy Group Policy Objects...

I'm asking this question to get some feed back on how you guys deploy GPO's. I'm a heavy user of GP, but never had one or a group of people say this is the way they do it because... My question is, do you deploy a GP for a specific task such as mapping drives and that's it or do you deploy a lot of actions into one GP, such as printers, drives, shortcuts and other items. I can see the win-win for doing it both ways, but just wanted to ask you guys and see the way you do it and maybe a reason for it. I really do not think there is a bad way to do it, but wanted to get some feedback on it. Thanks for the discussion guys, it is greatly appreciated.
2 Solutions
Brian PiercePhotographerCommented:
Its always a compromise between having a small number of GPOs with lots of settings (that get applied quickly but are more of a problem to manage), and having lots of GPOs each doing a specific thing (which takes longer to apply but is easier to manage).
I do a lot of stuffs through GP. I don't put a lot of actions in one GP and i don't think that's the best way to do.
ChiBotAuthor Commented:
It is something that I have always thought over. I'm not in a large organization by any means, so it is easy to break them off into single GPO's and not have 100s. I posted this because I'm really rethinking my GP because of the new preferences they added with the release of 7/2008. Just so much more to control and wanted to get a feel of what other people are doing. Thanks for your quick responses.
Joseph DalyCommented:
This is definitely open for alot of discussion. We have some gpos that are configured both ways. Our default domain policy has many settings in it that we use to get the computer to the baseline we would like. We also have other single gpos that do specific modifications or updates for systems when necessary.

I kind of like the idea of having individual GPOs for each options you would like to configure. In my mind it is just easier to track down an issue or conflict if you know exactly what each GPO does and there arent a million settings in them.
Mike KlineCommented:
Yeah I agree with everyone else, it depends.  I just wanted to post a great article by top GP MVP Darren Mar-Elia.  From Technet Magazine last year...very well written article.  That is where I learned that disabling the computer or user section of a GPO did nothing...I was wrong on that for so many years :)
Optimizing Group Policy Performance
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now