Solved

Group policy processing - one versus multiple gpos decision

Posted on 2011-09-05
4
317 Views
Last Modified: 2012-05-12
Hi guys hope you are all well and can assist.
Guys I really need some clarification as to how group policies are applied and processed by machines.

What I'm failing to understand is this.

Scenario: Microsoft Office 2003 and 2007 USER group policy settings in the one gpo.
If a user logs on to a machine that has MS office 2007 installed, and this gpo gets applied, what happens to the office 2003 settings in this gpo?
Do they get ignored? Do they still get applied eg.get entered into the systems registry, but have no effect?
Conversely, if that same user went to a machine that had office 2003 installed, what happens to the office 2007 settings?
Does it slow down Logon time due to all settings getting processed?
What I'm trying to understand is whether it is better to break up this gpo into multiple gpos - one for each version of office, or whether it is best practice to leave them all in the same gpo?
Is there extra overhead in terms of time spent processing the gpo if all office settings for all versions are placed in the one gpo, as opposed to breaking it up into one gpo per office version?
Also, is is true that if a machine has for example, office 2007 installed, that it will only apply office 2007 settings from the gpo and not other settings from the gpo for other versions of office? Is this because the client reads the gpo and first checks what settings is applicable to itself? Or, if the user is meant to get the gpo, does it apply EVERY setting withinthe gpo regardless of office version? This is what I need to understand.

Sorry if this is a long question..I really want to understand this.
Any help greatly appreciated.
0
Comment
Question by:Simon336697
  • 2
4 Comments
 
LVL 7

Accepted Solution

by:
myhc earned 250 total points
ID: 36485777
All settings get appied. It will show down but not much (you won't notice it)

I would break them up and create a group security for 2003 & 2007 so only the settings I want get applied.

As far as i'm aware all settings are applied. they all end up as REG changes.
(you can make your own adm files to control any REG key, so it doesn't require anything special as you could have made that ADM file yourself... and then it would have applied the settings.
0
 
LVL 11

Assisted Solution

by:Ackles
Ackles earned 250 total points
ID: 36487434
Simon,
If you look at the Operational Logs of Group Policy, you will see it actually takes Milliseconds to apply, which you won't even notice.
Remember, its not the Messanger but the message what is culprit in GPO.
0
 
LVL 1

Author Comment

by:Simon336697
ID: 36488003
Thanks guys.
0
 
LVL 11

Expert Comment

by:Ackles
ID: 36488047
Thanks Simon.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Changing passwords 3 27
Can not remove Old Primary Domain controller 7 67
Error when logging into pinterest- Java- cookies- browser 1 21
Replication problems 6 20
Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question