Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

GPMC Newbie Question

Posted on 2011-03-22
7
Medium Priority
?
323 Views
Last Modified: 2012-06-27
I'm pretty new to group policies.  I've dabbled with disabling Windows features and such, but never used GPO's for their true potential.  I want to implement a group policy server on my network, mostly for the purpose of publishing software to AD users and assigning printers.  My network still has a Windows 2003 domain controller at the heart of it, but there are several Windows 2008 R2 servers as well.  My question is, where would I install the GPMC features?  Do they need installed on the DC, or can I install it on any server?  
0
Comment
Question by:ND02G
7 Comments
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 35191082
Group policy is already installed when you set up a domain. On a windows 7 machine, install RSAT. This will give you the group policy management console.
0
 
LVL 70

Accepted Solution

by:
KCTS earned 2000 total points
ID: 35191115
GPMC is included as standard in 2008, with 2003 it can be installed if its not there already.

It must be installed/used on a machine that has the Admin Tools/Remote Server Admin Tools installed, this need not be the DC.
0
 

Author Comment

by:ND02G
ID: 35191165
Thanks KCTS, that question being answered.. Would it be better practice to have an entire server dedicated to group policies?  Or is that overkill?  I have maybe 200 AD users total...
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 57

Expert Comment

by:Mike Kline
ID: 35191169
Good screenshots of the GPMC install in 2008 R2  http://www.gpanswers.com/home/135-gpmc/668-group-policy-the-gpmcits-part-of-the-operating-system.html

If you are new to group policy the most important thing is always try and test first before deploying a policy.  (even if it is just to test OU if you don't have a lab)

You may also want to look into some of these resources  http://adisfun.blogspot.com/2009/07/group-policy-recomendations.html

Thanks

Mike
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 35191181
You should install on Windows 7 and/or Windows 2008 R2. You won't have access to all of the policy settings if you are doing configuration from XP/2003.

To do printer assignments your XP clients need to be running SP3 (which they should be anyway) and Group Policy Preferences.  It can be installed manually or through WSUS. I don't know if a machine just using Automatic Updates will get it.  
0
 
LVL 70

Expert Comment

by:KCTS
ID: 35191189
The Group policies will be stored on the DC(s) - The GPMC simply allows them to be edited - they will still be stored on the DC(s) even if you enit them from another machine.
0
 

Author Comment

by:ND02G
ID: 35191196
I'll be handing out 500 points questions all week until I get this up and running.  If anyone wants to follow me on EE and lend a hand, it will be rewarded nicely :)
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question