NaplesFLDave
asked on
Active DIrectory 2003 Group Policy Slicing
I thinkk I have seen a technique where a new Group Policy is created and the set of objects in the policy is very focused on a few items, not the usual FULL set of objects usually present.
IE: Just setting the IE Policy to set the cache size.
What is the procedure for getting JUST the SubSet of settings from "somewhere" and using them for a new Group Policy object?
I have seen this type of GPO frpom another technician but I don't know how he did it.
IE: Just setting the IE Policy to set the cache size.
What is the procedure for getting JUST the SubSet of settings from "somewhere" and using them for a new Group Policy object?
I have seen this type of GPO frpom another technician but I don't know how he did it.
thomasd04
Hi NaplesFLDave. I'm not sure I understand the objective. Are you asking how to use multiple GPOs; with each one only addressing specific policies or settings? If I understand you correctly, you can have as many GPOs as you like. And each one can be tailored for any one or more specific settings you want. Do you have an idea on what you want each GPO to do?
ASKER
What I'm referring to is that usually when you add a new GPolicy you get a full list of Computer and User objects to drill into to make changes to. I have seen some GPolicy objects that only have a few settings in them. Like they have been copied out of another FULL template. How would I do this kind of Specific item selection for a new Policy?
I think you are refering to Custom ADM / ADMX templates so google those terms for a bunch of info.
Do you have any GPOs configured now?
Perhaps you're looking to create custom ADM or ADMX templates?
For Windows 2008: http://technet.microsoft.com/en-us/library/cc753471(WS.10).aspx
For prior versions: http://support.microsoft.com/kb/323639 or http://thelazyadmin.com/blogs/thelazyadmin/archive/2005/07/05/Creating-Custom-ADM-Templates.aspx.
I hope this helps.
Perhaps you're looking to create custom ADM or ADMX templates?
For Windows 2008: http://technet.microsoft.com/en-us/library/cc753471(WS.10).aspx
For prior versions: http://support.microsoft.com/kb/323639 or http://thelazyadmin.com/blogs/thelazyadmin/archive/2005/07/05/Creating-Custom-ADM-Templates.aspx.
I hope this helps.
ASKER
I asked another tech and instructed me as follows to get what I was trying to explain. I created a new Policy and selected NONE for the starup template. Then I edited the policy, selecting the items I wanted to adjust and they get added top the policy. Doing it this way eliminates all the usual large group of settings that would be included in the policy even if they were not configured. Thins it down nicely.
Thank you for the pointers for the Custom ADMs. I'll look into that also.
Thank you for the pointers for the Custom ADMs. I'll look into that also.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That seems to be pretty close. I actually have (3) AD Controllers. AD1 and AD2 are 2003 R2 and AD3 is 2008R2. I can use the Windows 7 (RSAT)Administration Tools GPM to create the new policy. Except unlike using the STARTER GPO's I selected NONE, so as not to bring over a bunch un-needed settings. Using NONE allows me to just select the one or two items that I actually need to adjust to my policy from the "left pane" to the right pane. I suppose that using the STARTER GPO templates that I could achieve the same thing. I have not tried that method yet.
Thanks.
Thanks.
ASKER
There is a mass of info to filter through.